search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bump copyright date to 2019
[tor.git] / src / feature / dirclient / dirclient.c
blob70b6a20028fc9089d4c88ec374c39f0f1ebc3074
1 /* Copyright (c) 2001-2004, Roger Dingledine.
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2019, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5
6 #define DIRCLIENT_PRIVATE
7
8 #include "core/or/or.h"
9
10 #include "app/config/config.h"
11 #include "core/mainloop/connection.h"
12 #include "core/mainloop/mainloop.h"
13 #include "core/or/connection_edge.h"
14 #include "core/or/policies.h"
15 #include "feature/client/bridges.h"
16 #include "feature/client/entrynodes.h"
17 #include "feature/control/control.h"
18 #include "feature/dirauth/authmode.h"
19 #include "feature/dirauth/dirvote.h"
20 #include "feature/dirauth/shared_random.h"
21 #include "feature/dircache/dirserv.h"
22 #include "feature/dirclient/dirclient.h"
23 #include "feature/dirclient/dlstatus.h"
24 #include "feature/dircommon/consdiff.h"
25 #include "feature/dircommon/directory.h"
26 #include "feature/dircommon/fp_pair.h"
27 #include "feature/hs/hs_cache.h"
28 #include "feature/hs/hs_client.h"
29 #include "feature/hs/hs_control.h"
30 #include "feature/nodelist/authcert.h"
31 #include "feature/nodelist/describe.h"
32 #include "feature/nodelist/dirlist.h"
33 #include "feature/nodelist/microdesc.h"
34 #include "feature/nodelist/networkstatus.h"
35 #include "feature/nodelist/node_select.h"
36 #include "feature/nodelist/nodelist.h"
37 #include "feature/nodelist/routerinfo.h"
38 #include "feature/nodelist/routerlist.h"
39 #include "feature/nodelist/routerset.h"
40 #include "feature/relay/routermode.h"
41 #include "feature/relay/selftest.h"
42 #include "feature/rend/rendcache.h"
43 #include "feature/rend/rendclient.h"
44 #include "feature/rend/rendcommon.h"
45 #include "feature/rend/rendservice.h"
46 #include "feature/stats/predict_ports.h"
47
48 #include "lib/compress/compress.h"
49 #include "lib/crypt_ops/crypto_format.h"
50 #include "lib/crypt_ops/crypto_util.h"
51 #include "lib/encoding/confline.h"
52 #include "lib/err/backtrace.h"
53
54 #include "core/or/entry_connection_st.h"
55 #include "feature/dircache/cached_dir_st.h"
56 #include "feature/dirclient/dir_server_st.h"
57 #include "feature/dircommon/dir_connection_st.h"
58 #include "feature/nodelist/networkstatus_st.h"
59 #include "feature/nodelist/node_st.h"
60 #include "feature/nodelist/routerinfo_st.h"
61 #include "feature/rend/rend_service_descriptor_st.h"
62
63 /** Maximum size, in bytes, for any directory object that we've downloaded. */
64 #define MAX_DIR_DL_SIZE ((1<<24)-1) /* 16 MB - 1 */
65
66 /** How far in the future do we allow a directory server to tell us it is
67 * before deciding that one of us has the wrong time? */
68 #define ALLOW_DIRECTORY_TIME_SKEW (30*60)
69
70 static int body_is_plausible(const char *body, size_t body_len, int purpose);
71 static void connection_dir_download_routerdesc_failed(dir_connection_t *conn);
72 static void connection_dir_bridge_routerdesc_failed(dir_connection_t *conn);
73 static void connection_dir_download_cert_failed(
74 dir_connection_t *conn, int status_code);
75 static void connection_dir_retry_bridges(smartlist_t *descs);
76 static void dir_routerdesc_download_failed(smartlist_t *failed,
77 int status_code,
78 int router_purpose,
79 int was_extrainfo,
80 int was_descriptor_digests);
81 static void dir_microdesc_download_failed(smartlist_t *failed,
82 int status_code,
83 const char *dir_id);
84 static void directory_send_command(dir_connection_t *conn,
85 const int direct,
86 const directory_request_t *req);
87 static void connection_dir_close_consensus_fetches(
88 dir_connection_t *except_this_one, const char *resource);
89
90 /** Return a string describing a given directory connection purpose. */
91 STATIC const char *
92 dir_conn_purpose_to_string(int purpose)
93 {
94 switch (purpose)
95 {
96 case DIR_PURPOSE_UPLOAD_DIR:
97 return "server descriptor upload";
98 case DIR_PURPOSE_UPLOAD_VOTE:
99 return "server vote upload";
100 case DIR_PURPOSE_UPLOAD_SIGNATURES:
101 return "consensus signature upload";
102 case DIR_PURPOSE_FETCH_SERVERDESC:
103 return "server descriptor fetch";
104 case DIR_PURPOSE_FETCH_EXTRAINFO:
105 return "extra-info fetch";
106 case DIR_PURPOSE_FETCH_CONSENSUS:
107 return "consensus network-status fetch";
108 case DIR_PURPOSE_FETCH_CERTIFICATE:
109 return "authority cert fetch";
110 case DIR_PURPOSE_FETCH_STATUS_VOTE:
111 return "status vote fetch";
112 case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES:
113 return "consensus signature fetch";
114 case DIR_PURPOSE_FETCH_RENDDESC_V2:
115 return "hidden-service v2 descriptor fetch";
116 case DIR_PURPOSE_UPLOAD_RENDDESC_V2:
117 return "hidden-service v2 descriptor upload";
118 case DIR_PURPOSE_FETCH_HSDESC:
119 return "hidden-service descriptor fetch";
120 case DIR_PURPOSE_UPLOAD_HSDESC:
121 return "hidden-service descriptor upload";
122 case DIR_PURPOSE_FETCH_MICRODESC:
123 return "microdescriptor fetch";
124 }
125
126 log_warn(LD_BUG, "Called with unknown purpose %d", purpose);
127 return "(unknown)";
128 }
129
130 /** Return the requisite directory information types. */
131 STATIC dirinfo_type_t
132 dir_fetch_type(int dir_purpose, int router_purpose, const char *resource)
133 {
134 dirinfo_type_t type;
135 switch (dir_purpose) {
136 case DIR_PURPOSE_FETCH_EXTRAINFO:
137 type = EXTRAINFO_DIRINFO;
138 if (router_purpose == ROUTER_PURPOSE_BRIDGE)
139 type |= BRIDGE_DIRINFO;
140 else
141 type |= V3_DIRINFO;
142 break;
143 case DIR_PURPOSE_FETCH_SERVERDESC:
144 if (router_purpose == ROUTER_PURPOSE_BRIDGE)
145 type = BRIDGE_DIRINFO;
146 else
147 type = V3_DIRINFO;
148 break;
149 case DIR_PURPOSE_FETCH_STATUS_VOTE:
150 case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES:
151 case DIR_PURPOSE_FETCH_CERTIFICATE:
152 type = V3_DIRINFO;
153 break;
154 case DIR_PURPOSE_FETCH_CONSENSUS:
155 type = V3_DIRINFO;
156 if (resource && !strcmp(resource, "microdesc"))
157 type |= MICRODESC_DIRINFO;
158 break;
159 case DIR_PURPOSE_FETCH_MICRODESC:
160 type = MICRODESC_DIRINFO;
161 break;
162 default:
163 log_warn(LD_BUG, "Unexpected purpose %d", (int)dir_purpose);
164 type = NO_DIRINFO;
165 break;
166 }
167 return type;
168 }
169
170 /** Return true iff <b>identity_digest</b> is the digest of a router which
171 * says that it caches extrainfos. (If <b>is_authority</b> we always
172 * believe that to be true.) */
173 int
174 router_supports_extrainfo(const char *identity_digest, int is_authority)
175 {
176 const node_t *node = node_get_by_id(identity_digest);
177
178 if (node && node->ri) {
179 if (node->ri->caches_extra_info)
180 return 1;
181 }
182 if (is_authority) {
183 return 1;
184 }
185 return 0;
186 }
187
188 /** Return true iff any trusted directory authority has accepted our
189 * server descriptor.
190 *
191 * We consider any authority sufficient because waiting for all of
192 * them means it never happens while any authority is down; we don't
193 * go for something more complex in the middle (like \>1/3 or \>1/2 or
194 * \>=1/2) because that doesn't seem necessary yet.
195 */
196 int
197 directories_have_accepted_server_descriptor(void)
198 {
199 const smartlist_t *servers = router_get_trusted_dir_servers();
200 const or_options_t *options = get_options();
201 SMARTLIST_FOREACH(servers, dir_server_t *, d, {
202 if ((d->type & options->PublishServerDescriptor_) &&
203 d->has_accepted_serverdesc) {
204 return 1;
205 }
206 });
207 return 0;
208 }
209
210 /** Start a connection to every suitable directory authority, using
211 * connection purpose <b>dir_purpose</b> and uploading <b>payload</b>
212 * (of length <b>payload_len</b>). The dir_purpose should be one of
213 * 'DIR_PURPOSE_UPLOAD_{DIR|VOTE|SIGNATURES}'.
214 *
215 * <b>router_purpose</b> describes the type of descriptor we're
216 * publishing, if we're publishing a descriptor -- e.g. general or bridge.
217 *
218 * <b>type</b> specifies what sort of dir authorities (V3,
219 * BRIDGE, etc) we should upload to.
220 *
221 * If <b>extrainfo_len</b> is nonzero, the first <b>payload_len</b> bytes of
222 * <b>payload</b> hold a router descriptor, and the next <b>extrainfo_len</b>
223 * bytes of <b>payload</b> hold an extra-info document. Upload the descriptor
224 * to all authorities, and the extra-info document to all authorities that
225 * support it.
226 */
227 void
228 directory_post_to_dirservers(uint8_t dir_purpose, uint8_t router_purpose,
229 dirinfo_type_t type,
230 const char *payload,
231 size_t payload_len, size_t extrainfo_len)
232 {
233 const or_options_t *options = get_options();
234 dir_indirection_t indirection;
235 const smartlist_t *dirservers = router_get_trusted_dir_servers();
236 int found = 0;
237 const int exclude_self = (dir_purpose == DIR_PURPOSE_UPLOAD_VOTE ||
238 dir_purpose == DIR_PURPOSE_UPLOAD_SIGNATURES);
239 tor_assert(dirservers);
240 /* This tries dirservers which we believe to be down, but ultimately, that's
241 * harmless, and we may as well err on the side of getting things uploaded.
242 */
243 SMARTLIST_FOREACH_BEGIN(dirservers, dir_server_t *, ds) {
244 routerstatus_t *rs = &(ds->fake_status);
245 size_t upload_len = payload_len;
246
247 if ((type & ds->type) == 0)
248 continue;
249
250 if (exclude_self && router_digest_is_me(ds->digest)) {
251 /* we don't upload to ourselves, but at least there's now at least
252 * one authority of this type that has what we wanted to upload. */
253 found = 1;
254 continue;
255 }
256
257 if (options->StrictNodes &&
258 routerset_contains_routerstatus(options->ExcludeNodes, rs, -1)) {
259 log_warn(LD_DIR, "Wanted to contact authority '%s' for %s, but "
260 "it's in our ExcludedNodes list and StrictNodes is set. "
261 "Skipping.",
262 ds->nickname,
263 dir_conn_purpose_to_string(dir_purpose));
264 continue;
265 }
266
267 found = 1; /* at least one authority of this type was listed */
268 if (dir_purpose == DIR_PURPOSE_UPLOAD_DIR)
269 ds->has_accepted_serverdesc = 0;
270
271 if (extrainfo_len && router_supports_extrainfo(ds->digest, 1)) {
272 upload_len += extrainfo_len;
273 log_info(LD_DIR, "Uploading an extrainfo too (length %d)",
274 (int) extrainfo_len);
275 }
276 if (purpose_needs_anonymity(dir_purpose, router_purpose, NULL)) {
277 indirection = DIRIND_ANONYMOUS;
278 } else if (!fascist_firewall_allows_dir_server(ds,
279 FIREWALL_DIR_CONNECTION,
280 0)) {
281 if (fascist_firewall_allows_dir_server(ds, FIREWALL_OR_CONNECTION, 0))
282 indirection = DIRIND_ONEHOP;
283 else
284 indirection = DIRIND_ANONYMOUS;
285 } else {
286 indirection = DIRIND_DIRECT_CONN;
287 }
288
289 directory_request_t *req = directory_request_new(dir_purpose);
290 directory_request_set_routerstatus(req, rs);
291 directory_request_set_router_purpose(req, router_purpose);
292 directory_request_set_indirection(req, indirection);
293 directory_request_set_payload(req, payload, upload_len);
294 directory_initiate_request(req);
295 directory_request_free(req);
296 } SMARTLIST_FOREACH_END(ds);
297 if (!found) {
298 char *s = authdir_type_to_string(type);
299 log_warn(LD_DIR, "Publishing server descriptor to directory authorities "
300 "of type '%s', but no authorities of that type listed!", s);
301 tor_free(s);
302 }
303 }
304
305 /** Return true iff, according to the values in <b>options</b>, we should be
306 * using directory guards for direct downloads of directory information. */
307 STATIC int
308 should_use_directory_guards(const or_options_t *options)
309 {
310 /* Public (non-bridge) servers never use directory guards. */
311 if (public_server_mode(options))
312 return 0;
313 /* If guards are disabled, we can't use directory guards.
314 */
315 if (!options->UseEntryGuards)
316 return 0;
317 /* If we're configured to fetch directory info aggressively or of a
318 * nonstandard type, don't use directory guards. */
319 if (options->DownloadExtraInfo || options->FetchDirInfoEarly ||
320 options->FetchDirInfoExtraEarly || options->FetchUselessDescriptors)
321 return 0;
322 return 1;
323 }
324
325 /** Pick an unconstrained directory server from among our guards, the latest
326 * networkstatus, or the fallback dirservers, for use in downloading
327 * information of type <b>type</b>, and return its routerstatus. */
328 static const routerstatus_t *
329 directory_pick_generic_dirserver(dirinfo_type_t type, int pds_flags,
330 uint8_t dir_purpose,
331 circuit_guard_state_t **guard_state_out)
332 {
333 const routerstatus_t *rs = NULL;
334 const or_options_t *options = get_options();
335
336 if (options->UseBridges)
337 log_warn(LD_BUG, "Called when we have UseBridges set.");
338
339 if (should_use_directory_guards(options)) {
340 const node_t *node = guards_choose_dirguard(dir_purpose, guard_state_out);
341 if (node)
342 rs = node->rs;
343 } else {
344 /* anybody with a non-zero dirport will do */
345 rs = router_pick_directory_server(type, pds_flags);
346 }
347 if (!rs) {
348 log_info(LD_DIR, "No router found for %s; falling back to "
349 "dirserver list.", dir_conn_purpose_to_string(dir_purpose));
350 rs = router_pick_fallback_dirserver(type, pds_flags);
351 }
352
353 return rs;
354 }
355
356 /**
357 * Set the extra fields in <b>req</b> that are used when requesting a
358 * consensus of type <b>resource</b>.
359 *
360 * Right now, these fields are if-modified-since and x-or-diff-from-consensus.
361 */
362 static void
363 dir_consensus_request_set_additional_headers(directory_request_t *req,
364 const char *resource)
365 {
366 time_t if_modified_since = 0;
367 uint8_t or_diff_from[DIGEST256_LEN];
368 int or_diff_from_is_set = 0;
369
370 /* DEFAULT_IF_MODIFIED_SINCE_DELAY is 1/20 of the default consensus
371 * period of 1 hour.
372 */
373 const int DEFAULT_IF_MODIFIED_SINCE_DELAY = 180;
374 const int32_t DEFAULT_TRY_DIFF_FOR_CONSENSUS_NEWER = 72;
375 const int32_t MIN_TRY_DIFF_FOR_CONSENSUS_NEWER = 0;
376 const int32_t MAX_TRY_DIFF_FOR_CONSENSUS_NEWER = 8192;
377 const char TRY_DIFF_FOR_CONSENSUS_NEWER_NAME[] =
378 "try-diff-for-consensus-newer-than";
379
380 int flav = FLAV_NS;
381 if (resource)
382 flav = networkstatus_parse_flavor_name(resource);
383
384 int32_t max_age_for_diff = 3600 *
385 networkstatus_get_param(NULL,
386 TRY_DIFF_FOR_CONSENSUS_NEWER_NAME,
387 DEFAULT_TRY_DIFF_FOR_CONSENSUS_NEWER,
388 MIN_TRY_DIFF_FOR_CONSENSUS_NEWER,
389 MAX_TRY_DIFF_FOR_CONSENSUS_NEWER);
390
391 if (flav != -1) {
392 /* IF we have a parsed consensus of this type, we can do an
393 * if-modified-time based on it. */
394 networkstatus_t *v;
395 v = networkstatus_get_latest_consensus_by_flavor(flav);
396 if (v) {
397 /* In networks with particularly short V3AuthVotingIntervals,
398 * ask for the consensus if it's been modified since half the
399 * V3AuthVotingInterval of the most recent consensus. */
400 time_t ims_delay = DEFAULT_IF_MODIFIED_SINCE_DELAY;
401 if (v->fresh_until > v->valid_after
402 && ims_delay > (v->fresh_until - v->valid_after)/2) {
403 ims_delay = (v->fresh_until - v->valid_after)/2;
404 }
405 if_modified_since = v->valid_after + ims_delay;
406 if (v->valid_after >= approx_time() - max_age_for_diff) {
407 memcpy(or_diff_from, v->digest_sha3_as_signed, DIGEST256_LEN);
408 or_diff_from_is_set = 1;
409 }
410 }
411 } else {
412 /* Otherwise it might be a consensus we don't parse, but which we
413 * do cache. Look at the cached copy, perhaps. */
414 cached_dir_t *cd = dirserv_get_consensus(resource);
415 /* We have no method of determining the voting interval from an
416 * unparsed consensus, so we use the default. */
417 if (cd) {
418 if_modified_since = cd->published + DEFAULT_IF_MODIFIED_SINCE_DELAY;
419 if (cd->published >= approx_time() - max_age_for_diff) {
420 memcpy(or_diff_from, cd->digest_sha3_as_signed, DIGEST256_LEN);
421 or_diff_from_is_set = 1;
422 }
423 }
424 }
425
426 if (if_modified_since > 0)
427 directory_request_set_if_modified_since(req, if_modified_since);
428 if (or_diff_from_is_set) {
429 char hex[HEX_DIGEST256_LEN + 1];
430 base16_encode(hex, sizeof(hex),
431 (const char*)or_diff_from, sizeof(or_diff_from));
432 directory_request_add_header(req, X_OR_DIFF_FROM_CONSENSUS_HEADER, hex);
433 }
434 }
435 /** Start a connection to a random running directory server, using
436 * connection purpose <b>dir_purpose</b>, intending to fetch descriptors
437 * of purpose <b>router_purpose</b>, and requesting <b>resource</b>.
438 * Use <b>pds_flags</b> as arguments to router_pick_directory_server()
439 * or router_pick_trusteddirserver().
440 */
441 MOCK_IMPL(void,
442 directory_get_from_dirserver,(
443 uint8_t dir_purpose,
444 uint8_t router_purpose,
445 const char *resource,
446 int pds_flags,
447 download_want_authority_t want_authority))
448 {
449 const routerstatus_t *rs = NULL;
450 const or_options_t *options = get_options();
451 int prefer_authority = (directory_fetches_from_authorities(options)
452 || want_authority == DL_WANT_AUTHORITY);
453 int require_authority = 0;
454 int get_via_tor = purpose_needs_anonymity(dir_purpose, router_purpose,
455 resource);
456 dirinfo_type_t type = dir_fetch_type(dir_purpose, router_purpose, resource);
457
458 if (type == NO_DIRINFO)
459 return;
460
461 if (!options->FetchServerDescriptors)
462 return;
463
464 circuit_guard_state_t *guard_state = NULL;
465 if (!get_via_tor) {
466 if (options->UseBridges && !(type & BRIDGE_DIRINFO)) {
467 /* We want to ask a running bridge for which we have a descriptor.
468 *
469 * When we ask choose_random_entry() for a bridge, we specify what
470 * sort of dir fetch we'll be doing, so it won't return a bridge
471 * that can't answer our question.
472 */
473 const node_t *node = guards_choose_dirguard(dir_purpose, &guard_state);
474 if (node && node->ri) {
475 /* every bridge has a routerinfo. */
476 routerinfo_t *ri = node->ri;
477 /* clients always make OR connections to bridges */
478 tor_addr_port_t or_ap;
479 directory_request_t *req = directory_request_new(dir_purpose);
480 /* we are willing to use a non-preferred address if we need to */
481 fascist_firewall_choose_address_node(node, FIREWALL_OR_CONNECTION, 0,
482 &or_ap);
483 directory_request_set_or_addr_port(req, &or_ap);
484 directory_request_set_directory_id_digest(req,
485 ri->cache_info.identity_digest);
486 directory_request_set_router_purpose(req, router_purpose);
487 directory_request_set_resource(req, resource);
488 if (dir_purpose == DIR_PURPOSE_FETCH_CONSENSUS)
489 dir_consensus_request_set_additional_headers(req, resource);
490 directory_request_set_guard_state(req, guard_state);
491 directory_initiate_request(req);
492 directory_request_free(req);
493 } else {
494 if (guard_state) {
495 entry_guard_cancel(&guard_state);
496 }
497 log_notice(LD_DIR, "Ignoring directory request, since no bridge "
498 "nodes are available yet.");
499 }
500
501 return;
502 } else {
503 if (prefer_authority || (type & BRIDGE_DIRINFO)) {
504 /* only ask authdirservers, and don't ask myself */
505 rs = router_pick_trusteddirserver(type, pds_flags);
506 if (rs == NULL && (pds_flags & (PDS_NO_EXISTING_SERVERDESC_FETCH|
507 PDS_NO_EXISTING_MICRODESC_FETCH))) {
508 /* We don't want to fetch from any authorities that we're currently
509 * fetching server descriptors from, and we got no match. Did we
510 * get no match because all the authorities have connections
511 * fetching server descriptors (in which case we should just
512 * return,) or because all the authorities are down or on fire or
513 * unreachable or something (in which case we should go on with
514 * our fallback code)? */
515 pds_flags &= ~(PDS_NO_EXISTING_SERVERDESC_FETCH|
516 PDS_NO_EXISTING_MICRODESC_FETCH);
517 rs = router_pick_trusteddirserver(type, pds_flags);
518 if (rs) {
519 log_debug(LD_DIR, "Deferring serverdesc fetch: all authorities "
520 "are in use.");
521 return;
522 }
523 }
524 if (rs == NULL && require_authority) {
525 log_info(LD_DIR, "No authorities were available for %s: will try "
526 "later.", dir_conn_purpose_to_string(dir_purpose));
527 return;
528 }
529 }
530 if (!rs && !(type & BRIDGE_DIRINFO)) {
531 rs = directory_pick_generic_dirserver(type, pds_flags,
532 dir_purpose,
533 &guard_state);
534 if (!rs)
535 get_via_tor = 1; /* last resort: try routing it via Tor */
536 }
537 }
538 }
539
540 if (get_via_tor) {
541 /* Never use fascistfirewall; we're going via Tor. */
542 pds_flags |= PDS_IGNORE_FASCISTFIREWALL;
543 rs = router_pick_directory_server(type, pds_flags);
544 }
545
546 /* If we have any hope of building an indirect conn, we know some router
547 * descriptors. If (rs==NULL), we can't build circuits anyway, so
548 * there's no point in falling back to the authorities in this case. */
549 if (rs) {
550 const dir_indirection_t indirection =
551 get_via_tor ? DIRIND_ANONYMOUS : DIRIND_ONEHOP;
552 directory_request_t *req = directory_request_new(dir_purpose);
553 directory_request_set_routerstatus(req, rs);
554 directory_request_set_router_purpose(req, router_purpose);
555 directory_request_set_indirection(req, indirection);
556 directory_request_set_resource(req, resource);
557 if (dir_purpose == DIR_PURPOSE_FETCH_CONSENSUS)
558 dir_consensus_request_set_additional_headers(req, resource);
559 if (guard_state)
560 directory_request_set_guard_state(req, guard_state);
561 directory_initiate_request(req);
562 directory_request_free(req);
563 } else {
564 log_notice(LD_DIR,
565 "While fetching directory info, "
566 "no running dirservers known. Will try again later. "
567 "(purpose %d)", dir_purpose);
568 if (!purpose_needs_anonymity(dir_purpose, router_purpose, resource)) {
569 /* remember we tried them all and failed. */
570 directory_all_unreachable(time(NULL));
571 }
572 }
573 }
574
575 /** As directory_get_from_dirserver, but initiates a request to <i>every</i>
576 * directory authority other than ourself. Only for use by authorities when
577 * searching for missing information while voting. */
578 void
579 directory_get_from_all_authorities(uint8_t dir_purpose,
580 uint8_t router_purpose,
581 const char *resource)
582 {
583 tor_assert(dir_purpose == DIR_PURPOSE_FETCH_STATUS_VOTE ||
584 dir_purpose == DIR_PURPOSE_FETCH_DETACHED_SIGNATURES);
585
586 SMARTLIST_FOREACH_BEGIN(router_get_trusted_dir_servers(),
587 dir_server_t *, ds) {
588 if (router_digest_is_me(ds->digest))
589 continue;
590 if (!(ds->type & V3_DIRINFO))
591 continue;
592 const routerstatus_t *rs = &ds->fake_status;
593 directory_request_t *req = directory_request_new(dir_purpose);
594 directory_request_set_routerstatus(req, rs);
595 directory_request_set_router_purpose(req, router_purpose);
596 directory_request_set_resource(req, resource);
597 directory_initiate_request(req);
598 directory_request_free(req);
599 } SMARTLIST_FOREACH_END(ds);
600 }
601
602 /** Return true iff <b>ind</b> requires a multihop circuit. */
603 static int
604 dirind_is_anon(dir_indirection_t ind)
605 {
606 return ind == DIRIND_ANON_DIRPORT || ind == DIRIND_ANONYMOUS;
607 }
608
609 /* Choose reachable OR and Dir addresses and ports from status, copying them
610 * into use_or_ap and use_dir_ap. If indirection is anonymous, then we're
611 * connecting via another relay, so choose the primary IPv4 address and ports.
612 *
613 * status should have at least one reachable address, if we can't choose a
614 * reachable address, warn and return -1. Otherwise, return 0.
615 */
616 static int
617 directory_choose_address_routerstatus(const routerstatus_t *status,
618 dir_indirection_t indirection,
619 tor_addr_port_t *use_or_ap,
620 tor_addr_port_t *use_dir_ap)
621 {
622 tor_assert(status != NULL);
623 tor_assert(use_or_ap != NULL);
624 tor_assert(use_dir_ap != NULL);
625
626 const or_options_t *options = get_options();
627 int have_or = 0, have_dir = 0;
628
629 /* We expect status to have at least one reachable address if we're
630 * connecting to it directly.
631 *
632 * Therefore, we can simply use the other address if the one we want isn't
633 * allowed by the firewall.
634 *
635 * (When Tor uploads and downloads a hidden service descriptor, it uses
636 * DIRIND_ANONYMOUS. Even Single Onion Servers (NYI) use DIRIND_ANONYMOUS,
637 * to avoid HSDirs denying service by rejecting descriptors.)
638 */
639
640 /* Initialise the OR / Dir addresses */
641 tor_addr_make_null(&use_or_ap->addr, AF_UNSPEC);
642 use_or_ap->port = 0;
643 tor_addr_make_null(&use_dir_ap->addr, AF_UNSPEC);
644 use_dir_ap->port = 0;
645
646 /* ORPort connections */
647 if (indirection == DIRIND_ANONYMOUS) {
648 if (status->addr) {
649 /* Since we're going to build a 3-hop circuit and ask the 2nd relay
650 * to extend to this address, always use the primary (IPv4) OR address */
651 tor_addr_from_ipv4h(&use_or_ap->addr, status->addr);
652 use_or_ap->port = status->or_port;
653 have_or = 1;
654 }
655 } else if (indirection == DIRIND_ONEHOP) {
656 /* We use an IPv6 address if we have one and we prefer it.
657 * Use the preferred address and port if they are reachable, otherwise,
658 * use the alternate address and port (if any).
659 */
660 fascist_firewall_choose_address_rs(status, FIREWALL_OR_CONNECTION, 0,
661 use_or_ap);
662 have_or = tor_addr_port_is_valid_ap(use_or_ap, 0);
663 }
664
665 /* DirPort connections
666 * DIRIND_ONEHOP uses ORPort, but may fall back to the DirPort on relays */
667 if (indirection == DIRIND_DIRECT_CONN ||
668 indirection == DIRIND_ANON_DIRPORT ||
669 (indirection == DIRIND_ONEHOP
670 && !directory_must_use_begindir(options))) {
671 fascist_firewall_choose_address_rs(status, FIREWALL_DIR_CONNECTION, 0,
672 use_dir_ap);
673 have_dir = tor_addr_port_is_valid_ap(use_dir_ap, 0);
674 }
675
676 /* We rejected all addresses in the relay's status. This means we can't
677 * connect to it. */
678 if (!have_or && !have_dir) {
679 static int logged_backtrace = 0;
680 log_info(LD_BUG, "Rejected all OR and Dir addresses from %s when "
681 "launching an outgoing directory connection to: IPv4 %s OR %d "
682 "Dir %d IPv6 %s OR %d Dir %d", routerstatus_describe(status),
683 fmt_addr32(status->addr), status->or_port,
684 status->dir_port, fmt_addr(&status->ipv6_addr),
685 status->ipv6_orport, status->dir_port);
686 if (!logged_backtrace) {
687 log_backtrace(LOG_INFO, LD_BUG, "Addresses came from");
688 logged_backtrace = 1;
689 }
690 return -1;
691 }
692
693 return 0;
694 }
695
696 /** Return true iff <b>conn</b> is the client side of a directory connection
697 * we launched to ourself in order to determine the reachability of our
698 * dir_port. */
699 static int
700 directory_conn_is_self_reachability_test(dir_connection_t *conn)
701 {
702 if (conn->requested_resource &&
703 !strcmpstart(conn->requested_resource,"authority")) {
704 const routerinfo_t *me = router_get_my_routerinfo();
705 if (me &&
706 router_digest_is_me(conn->identity_digest) &&
707 tor_addr_eq_ipv4h(&conn->base_.addr, me->addr) && /*XXXX prop 118*/
708 me->dir_port == conn->base_.port)
709 return 1;
710 }
711 return 0;
712 }
713
714 /** Called when we are unable to complete the client's request to a directory
715 * server due to a network error: Mark the router as down and try again if
716 * possible.
717 */
718 void
719 connection_dir_client_request_failed(dir_connection_t *conn)
720 {
721 if (conn->guard_state) {
722 /* We haven't seen a success on this guard state, so consider it to have
723 * failed. */
724 entry_guard_failed(&conn->guard_state);
725 }
726 if (directory_conn_is_self_reachability_test(conn)) {
727 return; /* this was a test fetch. don't retry. */
728 }
729 if (!entry_list_is_constrained(get_options()))
730 router_set_status(conn->identity_digest, 0); /* don't try this one again */
731 if (conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
732 conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO) {
733 log_info(LD_DIR, "Giving up on serverdesc/extrainfo fetch from "
734 "directory server at '%s'; retrying",
735 conn->base_.address);
736 if (conn->router_purpose == ROUTER_PURPOSE_BRIDGE)
737 connection_dir_bridge_routerdesc_failed(conn);
738 connection_dir_download_routerdesc_failed(conn);
739 } else if (conn->base_.purpose == DIR_PURPOSE_FETCH_CONSENSUS) {
740 if (conn->requested_resource)
741 networkstatus_consensus_download_failed(0, conn->requested_resource);
742 } else if (conn->base_.purpose == DIR_PURPOSE_FETCH_CERTIFICATE) {
743 log_info(LD_DIR, "Giving up on certificate fetch from directory server "
744 "at '%s'; retrying",
745 conn->base_.address);
746 connection_dir_download_cert_failed(conn, 0);
747 } else if (conn->base_.purpose == DIR_PURPOSE_FETCH_DETACHED_SIGNATURES) {
748 log_info(LD_DIR, "Giving up downloading detached signatures from '%s'",
749 conn->base_.address);
750 } else if (conn->base_.purpose == DIR_PURPOSE_FETCH_STATUS_VOTE) {
751 log_info(LD_DIR, "Giving up downloading votes from '%s'",
752 conn->base_.address);
753 } else if (conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC) {
754 log_info(LD_DIR, "Giving up on downloading microdescriptors from "
755 "directory server at '%s'; will retry", conn->base_.address);
756 connection_dir_download_routerdesc_failed(conn);
757 }
758 }
759
760 /** Helper: Attempt to fetch directly the descriptors of each bridge
761 * listed in <b>failed</b>.
762 */
763 static void
764 connection_dir_retry_bridges(smartlist_t *descs)
765 {
766 char digest[DIGEST_LEN];
767 SMARTLIST_FOREACH(descs, const char *, cp,
768 {
769 if (base16_decode(digest, DIGEST_LEN, cp, strlen(cp)) != DIGEST_LEN) {
770 log_warn(LD_BUG, "Malformed fingerprint in list: %s",
771 escaped(cp));
772 continue;
773 }
774 retry_bridge_descriptor_fetch_directly(digest);
775 });
776 }
777
778 /** Called when an attempt to download one or more router descriptors
779 * or extra-info documents on connection <b>conn</b> failed.
780 */
781 static void
782 connection_dir_download_routerdesc_failed(dir_connection_t *conn)
783 {
784 /* No need to increment the failure count for routerdescs, since
785 * it's not their fault. */
786
787 /* No need to relaunch descriptor downloads here: we already do it
788 * every 10 or 60 seconds (FOO_DESCRIPTOR_RETRY_INTERVAL) in main.c. */
789 tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
790 conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO ||
791 conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC);
792
793 (void) conn;
794 }
795
796 /** Called when an attempt to download a bridge's routerdesc from
797 * one of the authorities failed due to a network error. If
798 * possible attempt to download descriptors from the bridge directly.
799 */
800 static void
801 connection_dir_bridge_routerdesc_failed(dir_connection_t *conn)
802 {
803 smartlist_t *which = NULL;
804
805 /* Requests for bridge descriptors are in the form 'fp/', so ignore
806 anything else. */
807 if (!conn->requested_resource || strcmpstart(conn->requested_resource,"fp/"))
808 return;
809
810 which = smartlist_new();
811 dir_split_resource_into_fingerprints(conn->requested_resource
812 + strlen("fp/"),
813 which, NULL, 0);
814
815 tor_assert(conn->base_.purpose != DIR_PURPOSE_FETCH_EXTRAINFO);
816 if (smartlist_len(which)) {
817 connection_dir_retry_bridges(which);
818 SMARTLIST_FOREACH(which, char *, cp, tor_free(cp));
819 }
820 smartlist_free(which);
821 }
822
823 /** Called when an attempt to fetch a certificate fails. */
824 static void
825 connection_dir_download_cert_failed(dir_connection_t *conn, int status)
826 {
827 const char *fp_pfx = "fp/";
828 const char *fpsk_pfx = "fp-sk/";
829 smartlist_t *failed;
830 tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_CERTIFICATE);
831
832 if (!conn->requested_resource)
833 return;
834 failed = smartlist_new();
835 /*
836 * We have two cases download by fingerprint (resource starts
837 * with "fp/") or download by fingerprint/signing key pair
838 * (resource starts with "fp-sk/").
839 */
840 if (!strcmpstart(conn->requested_resource, fp_pfx)) {
841 /* Download by fingerprint case */
842 dir_split_resource_into_fingerprints(conn->requested_resource +
843 strlen(fp_pfx),
844 failed, NULL, DSR_HEX);
845 SMARTLIST_FOREACH_BEGIN(failed, char *, cp) {
846 /* Null signing key digest indicates download by fp only */
847 authority_cert_dl_failed(cp, NULL, status);
848 tor_free(cp);
849 } SMARTLIST_FOREACH_END(cp);
850 } else if (!strcmpstart(conn->requested_resource, fpsk_pfx)) {
851 /* Download by (fp,sk) pairs */
852 dir_split_resource_into_fingerprint_pairs(conn->requested_resource +
853 strlen(fpsk_pfx), failed);
854 SMARTLIST_FOREACH_BEGIN(failed, fp_pair_t *, cp) {
855 authority_cert_dl_failed(cp->first, cp->second, status);
856 tor_free(cp);
857 } SMARTLIST_FOREACH_END(cp);
858 } else {
859 log_warn(LD_DIR,
860 "Don't know what to do with failure for cert fetch %s",
861 conn->requested_resource);
862 }
863
864 smartlist_free(failed);
865
866 update_certificate_downloads(time(NULL));
867 }
868
869 /* Should this tor instance only use begindir for all its directory requests?
870 */
871 int
872 directory_must_use_begindir(const or_options_t *options)
873 {
874 /* Clients, onion services, and bridges must use begindir,
875 * relays and authorities do not have to */
876 return !public_server_mode(options);
877 }
878
879 /** Evaluate the situation and decide if we should use an encrypted
880 * "begindir-style" connection for this directory request.
881 * 0) If there is no DirPort, yes.
882 * 1) If or_port is 0, or it's a direct conn and or_port is firewalled
883 * or we're a dir mirror, no.
884 * 2) If we prefer to avoid begindir conns, and we're not fetching or
885 * publishing a bridge relay descriptor, no.
886 * 3) Else yes.
887 * If returning 0, return in *reason why we can't use begindir.
888 * reason must not be NULL.
889 */
890 static int
891 directory_command_should_use_begindir(const or_options_t *options,
892 const directory_request_t *req,
893 const char **reason)
894 {
895 const tor_addr_t *or_addr = &req->or_addr_port.addr;
896 //const tor_addr_t *dir_addr = &req->dir_addr_port.addr;
897 const int or_port = req->or_addr_port.port;
898 const int dir_port = req->dir_addr_port.port;
899
900 const dir_indirection_t indirection = req->indirection;
901
902 tor_assert(reason);
903 *reason = NULL;
904
905 /* Reasons why we must use begindir */
906 if (!dir_port) {
907 *reason = "(using begindir - directory with no DirPort)";
908 return 1; /* We don't know a DirPort -- must begindir. */
909 }
910 /* Reasons why we can't possibly use begindir */
911 if (!or_port) {
912 *reason = "directory with unknown ORPort";
913 return 0; /* We don't know an ORPort -- no chance. */
914 }
915 if (indirection == DIRIND_DIRECT_CONN ||
916 indirection == DIRIND_ANON_DIRPORT) {
917 *reason = "DirPort connection";
918 return 0;
919 }
920 if (indirection == DIRIND_ONEHOP) {
921 /* We're firewalled and want a direct OR connection */
922 if (!fascist_firewall_allows_address_addr(or_addr, or_port,
923 FIREWALL_OR_CONNECTION, 0, 0)) {
924 *reason = "ORPort not reachable";
925 return 0;
926 }
927 }
928 /* Reasons why we want to avoid using begindir */
929 if (indirection == DIRIND_ONEHOP) {
930 if (!directory_must_use_begindir(options)) {
931 *reason = "in relay mode";
932 return 0;
933 }
934 }
935 /* DIRIND_ONEHOP on a client, or DIRIND_ANONYMOUS
936 */
937 *reason = "(using begindir)";
938 return 1;
939 }
940
941 /**
942 * Create and return a new directory_request_t with purpose
943 * <b>dir_purpose</b>.
944 */
945 directory_request_t *
946 directory_request_new(uint8_t dir_purpose)
947 {
948 tor_assert(dir_purpose >= DIR_PURPOSE_MIN_);
949 tor_assert(dir_purpose <= DIR_PURPOSE_MAX_);
950 tor_assert(dir_purpose != DIR_PURPOSE_SERVER);
951 tor_assert(dir_purpose != DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2);
952 tor_assert(dir_purpose != DIR_PURPOSE_HAS_FETCHED_HSDESC);
953
954 directory_request_t *result = tor_malloc_zero(sizeof(*result));
955 tor_addr_make_null(&result->or_addr_port.addr, AF_INET);
956 result->or_addr_port.port = 0;
957 tor_addr_make_null(&result->dir_addr_port.addr, AF_INET);
958 result->dir_addr_port.port = 0;
959 result->dir_purpose = dir_purpose;
960 result->router_purpose = ROUTER_PURPOSE_GENERAL;
961 result->indirection = DIRIND_ONEHOP;
962 return result;
963 }
964 /**
965 * Release all resources held by <b>req</b>.
966 */
967 void
968 directory_request_free_(directory_request_t *req)
969 {
970 if (req == NULL)
971 return;
972 config_free_lines(req->additional_headers);
973 tor_free(req);
974 }
975 /**
976 * Set the address and OR port to use for this directory request. If there is
977 * no OR port, we'll have to connect over the dirport. (If there are both,
978 * the indirection setting determines which to use.)
979 */
980 void
981 directory_request_set_or_addr_port(directory_request_t *req,
982 const tor_addr_port_t *p)
983 {
984 memcpy(&req->or_addr_port, p, sizeof(*p));
985 }
986 /**
987 * Set the address and dirport to use for this directory request. If there
988 * is no dirport, we'll have to connect over the OR port. (If there are both,
989 * the indirection setting determines which to use.)
990 */
991 void
992 directory_request_set_dir_addr_port(directory_request_t *req,
993 const tor_addr_port_t *p)
994 {
995 memcpy(&req->dir_addr_port, p, sizeof(*p));
996 }
997 /**
998 * Set the RSA identity digest of the directory to use for this directory
999 * request.
1000 */
1001 void
1002 directory_request_set_directory_id_digest(directory_request_t *req,
1003 const char *digest)
1004 {
1005 memcpy(req->digest, digest, DIGEST_LEN);
1006 }
1007 /**
1008 * Set the router purpose associated with uploaded and downloaded router
1009 * descriptors and extrainfo documents in this directory request. The purpose
1010 * must be one of ROUTER_PURPOSE_GENERAL (the default) or
1011 * ROUTER_PURPOSE_BRIDGE.
1012 */
1013 void
1014 directory_request_set_router_purpose(directory_request_t *req,
1015 uint8_t router_purpose)
1016 {
1017 tor_assert(router_purpose == ROUTER_PURPOSE_GENERAL ||
1018 router_purpose == ROUTER_PURPOSE_BRIDGE);
1019 // assert that it actually makes sense to set this purpose, given
1020 // the dir_purpose.
1021 req->router_purpose = router_purpose;
1022 }
1023 /**
1024 * Set the indirection to be used for the directory request. The indirection
1025 * parameter configures whether to connect to a DirPort or ORPort, and whether
1026 * to anonymize the connection. DIRIND_ONEHOP (use ORPort, don't anonymize)
1027 * is the default. See dir_indirection_t for more information.
1028 */
1029 void
1030 directory_request_set_indirection(directory_request_t *req,
1031 dir_indirection_t indirection)
1032 {
1033 req->indirection = indirection;
1034 }
1035
1036 /**
1037 * Set a pointer to the resource to request from a directory. Different
1038 * request types use resources to indicate different components of their URL.
1039 * Note that only an alias to <b>resource</b> is stored, so the
1040 * <b>resource</b> must outlive the request.
1041 */
1042 void
1043 directory_request_set_resource(directory_request_t *req,
1044 const char *resource)
1045 {
1046 req->resource = resource;
1047 }
1048 /**
1049 * Set a pointer to the payload to include with this directory request, along
1050 * with its length. Note that only an alias to <b>payload</b> is stored, so
1051 * the <b>payload</b> must outlive the request.
1052 */
1053 void
1054 directory_request_set_payload(directory_request_t *req,
1055 const char *payload,
1056 size_t payload_len)
1057 {
1058 tor_assert(DIR_PURPOSE_IS_UPLOAD(req->dir_purpose));
1059
1060 req->payload = payload;
1061 req->payload_len = payload_len;
1062 }
1063 /**
1064 * Set an if-modified-since date to send along with the request. The
1065 * default is 0 (meaning, send no if-modified-since header).
1066 */
1067 void
1068 directory_request_set_if_modified_since(directory_request_t *req,
1069 time_t if_modified_since)
1070 {
1071 req->if_modified_since = if_modified_since;
1072 }
1073
1074 /** Include a header of name <b>key</b> with content <b>val</b> in the
1075 * request. Neither may include newlines or other odd characters. Their
1076 * ordering is not currently guaranteed.
1077 *
1078 * Note that, as elsewhere in this module, header keys include a trailing
1079 * colon and space.
1080 */
1081 void
1082 directory_request_add_header(directory_request_t *req,
1083 const char *key,
1084 const char *val)
1085 {
1086 config_line_prepend(&req->additional_headers, key, val);
1087 }
1088 /**
1089 * Set an object containing HS data to be associated with this request. Note
1090 * that only an alias to <b>query</b> is stored, so the <b>query</b> object
1091 * must outlive the request.
1092 */
1093 void
1094 directory_request_set_rend_query(directory_request_t *req,
1095 const rend_data_t *query)
1096 {
1097 if (query) {
1098 tor_assert(req->dir_purpose == DIR_PURPOSE_FETCH_RENDDESC_V2 ||
1099 req->dir_purpose == DIR_PURPOSE_UPLOAD_RENDDESC_V2);
1100 }
1101 req->rend_query = query;
1102 }
1103 /**
1104 * Set an object containing HS connection identifier to be associated with
1105 * this request. Note that only an alias to <b>ident</b> is stored, so the
1106 * <b>ident</b> object must outlive the request.
1107 */
1108 void
1109 directory_request_upload_set_hs_ident(directory_request_t *req,
1110 const hs_ident_dir_conn_t *ident)
1111 {
1112 if (ident) {
1113 tor_assert(req->dir_purpose == DIR_PURPOSE_UPLOAD_HSDESC);
1114 }
1115 req->hs_ident = ident;
1116 }
1117 /**
1118 * Set an object containing HS connection identifier to be associated with
1119 * this fetch request. Note that only an alias to <b>ident</b> is stored, so
1120 * the <b>ident</b> object must outlive the request.
1121 */
1122 void
1123 directory_request_fetch_set_hs_ident(directory_request_t *req,
1124 const hs_ident_dir_conn_t *ident)
1125 {
1126 if (ident) {
1127 tor_assert(req->dir_purpose == DIR_PURPOSE_FETCH_HSDESC);
1128 }
1129 req->hs_ident = ident;
1130 }
1131 /** Set a static circuit_guard_state_t object to affliate with the request in
1132 * <b>req</b>. This object will receive notification when the attempt to
1133 * connect to the guard either succeeds or fails. */
1134 void
1135 directory_request_set_guard_state(directory_request_t *req,
1136 circuit_guard_state_t *state)
1137 {
1138 req->guard_state = state;
1139 }
1140
1141 /**
1142 * Internal: Return true if any information for contacting the directory in
1143 * <b>req</b> has been set, other than by the routerstatus. */
1144 static int
1145 directory_request_dir_contact_info_specified(const directory_request_t *req)
1146 {
1147 /* We only check for ports here, since we don't use an addr unless the port
1148 * is set */
1149 return (req->or_addr_port.port ||
1150 req->dir_addr_port.port ||
1151 ! tor_digest_is_zero(req->digest));
1152 }
1153
1154 /**
1155 * Set the routerstatus to use for the directory associated with this
1156 * request. If this option is set, then no other function to set the
1157 * directory's address or identity should be called.
1158 */
1159 void
1160 directory_request_set_routerstatus(directory_request_t *req,
1161 const routerstatus_t *status)
1162 {
1163 req->routerstatus = status;
1164 }
1165 /**
1166 * Helper: update the addresses, ports, and identities in <b>req</b>
1167 * from the routerstatus object in <b>req</b>. Return 0 on success.
1168 * On failure, warn and return -1.
1169 */
1170 static int
1171 directory_request_set_dir_from_routerstatus(directory_request_t *req)
1172
1173 {
1174 const routerstatus_t *status = req->routerstatus;
1175 if (BUG(status == NULL))
1176 return -1;
1177 const or_options_t *options = get_options();
1178 const node_t *node;
1179 tor_addr_port_t use_or_ap, use_dir_ap;
1180 const int anonymized_connection = dirind_is_anon(req->indirection);
1181
1182 tor_assert(status != NULL);
1183
1184 node = node_get_by_id(status->identity_digest);
1185
1186 /* XXX The below check is wrong: !node means it's not in the consensus,
1187 * but we haven't checked if we have a descriptor for it -- and also,
1188 * we only care about the descriptor if it's a begindir-style anonymized
1189 * connection. */
1190 if (!node && anonymized_connection) {
1191 log_info(LD_DIR, "Not sending anonymized request to directory '%s'; we "
1192 "don't have its router descriptor.",
1193 routerstatus_describe(status));
1194 return -1;
1195 }
1196
1197 if (options->ExcludeNodes && options->StrictNodes &&
1198 routerset_contains_routerstatus(options->ExcludeNodes, status, -1)) {
1199 log_warn(LD_DIR, "Wanted to contact directory mirror %s for %s, but "
1200 "it's in our ExcludedNodes list and StrictNodes is set. "
1201 "Skipping. This choice might make your Tor not work.",
1202 routerstatus_describe(status),
1203 dir_conn_purpose_to_string(req->dir_purpose));
1204 return -1;
1205 }
1206
1207 /* At this point, if we are a client making a direct connection to a
1208 * directory server, we have selected a server that has at least one address
1209 * allowed by ClientUseIPv4/6 and Reachable{"",OR,Dir}Addresses. This
1210 * selection uses the preference in ClientPreferIPv6{OR,Dir}Port, if
1211 * possible. (If UseBridges is set, clients always use IPv6, and prefer it
1212 * by default.)
1213 *
1214 * Now choose an address that we can use to connect to the directory server.
1215 */
1216 if (directory_choose_address_routerstatus(status,
1217 req->indirection, &use_or_ap,
1218 &use_dir_ap) < 0) {
1219 return -1;
1220 }
1221
1222 directory_request_set_or_addr_port(req, &use_or_ap);
1223 directory_request_set_dir_addr_port(req, &use_dir_ap);
1224 directory_request_set_directory_id_digest(req, status->identity_digest);
1225 return 0;
1226 }
1227
1228 /**
1229 * Launch the provided directory request, configured in <b>request</b>.
1230 * After this function is called, you can free <b>request</b>.
1231 */
1232 MOCK_IMPL(void,
1233 directory_initiate_request,(directory_request_t *request))
1234 {
1235 tor_assert(request);
1236 if (request->routerstatus) {
1237 tor_assert_nonfatal(
1238 ! directory_request_dir_contact_info_specified(request));
1239 if (directory_request_set_dir_from_routerstatus(request) < 0) {
1240 return;
1241 }
1242 }
1243
1244 const tor_addr_port_t *or_addr_port = &request->or_addr_port;
1245 const tor_addr_port_t *dir_addr_port = &request->dir_addr_port;
1246 const char *digest = request->digest;
1247 const uint8_t dir_purpose = request->dir_purpose;
1248 const uint8_t router_purpose = request->router_purpose;
1249 const dir_indirection_t indirection = request->indirection;
1250 const char *resource = request->resource;
1251 const rend_data_t *rend_query = request->rend_query;
1252 const hs_ident_dir_conn_t *hs_ident = request->hs_ident;
1253 circuit_guard_state_t *guard_state = request->guard_state;
1254
1255 tor_assert(or_addr_port->port || dir_addr_port->port);
1256 tor_assert(digest);
1257
1258 dir_connection_t *conn;
1259 const or_options_t *options = get_options();
1260 int socket_error = 0;
1261 const char *begindir_reason = NULL;
1262 /* Should the connection be to a relay's OR port (and inside that we will
1263 * send our directory request)? */
1264 const int use_begindir =
1265 directory_command_should_use_begindir(options, request, &begindir_reason);
1266
1267 /* Will the connection go via a three-hop Tor circuit? Note that this
1268 * is separate from whether it will use_begindir. */
1269 const int anonymized_connection = dirind_is_anon(indirection);
1270
1271 /* What is the address we want to make the directory request to? If
1272 * we're making a begindir request this is the ORPort of the relay
1273 * we're contacting; if not a begindir request, this is its DirPort.
1274 * Note that if anonymized_connection is true, we won't be initiating
1275 * a connection directly to this address. */
1276 tor_addr_t addr;
1277 tor_addr_copy(&addr, &(use_begindir ? or_addr_port : dir_addr_port)->addr);
1278 uint16_t port = (use_begindir ? or_addr_port : dir_addr_port)->port;
1279
1280 log_debug(LD_DIR, "anonymized %d, use_begindir %d.",
1281 anonymized_connection, use_begindir);
1282
1283 log_debug(LD_DIR, "Initiating %s", dir_conn_purpose_to_string(dir_purpose));
1284
1285 if (purpose_needs_anonymity(dir_purpose, router_purpose, resource)) {
1286 tor_assert(anonymized_connection ||
1287 rend_non_anonymous_mode_enabled(options));
1288 }
1289
1290 /* use encrypted begindir connections for everything except relays
1291 * this provides better protection for directory fetches */
1292 if (!use_begindir && directory_must_use_begindir(options)) {
1293 log_warn(LD_BUG, "Client could not use begindir connection: %s",
1294 begindir_reason ? begindir_reason : "(NULL)");
1295 return;
1296 }
1297
1298 /* ensure that we don't make direct connections when a SOCKS server is
1299 * configured. */
1300 if (!anonymized_connection && !use_begindir && !options->HTTPProxy &&
1301 (options->Socks4Proxy || options->Socks5Proxy)) {
1302 log_warn(LD_DIR, "Cannot connect to a directory server through a "
1303 "SOCKS proxy!");
1304 return;
1305 }
1306
1307 /* Make sure that the destination addr and port we picked is viable. */
1308 if (!port || tor_addr_is_null(&addr)) {
1309 static int logged_backtrace = 0;
1310 log_warn(LD_DIR,
1311 "Cannot make an outgoing %sconnection without a remote %sPort.",
1312 use_begindir ? "begindir " : "",
1313 use_begindir ? "OR" : "Dir");
1314 if (!logged_backtrace) {
1315 log_backtrace(LOG_INFO, LD_BUG, "Address came from");
1316 logged_backtrace = 1;
1317 }
1318 return;
1319 }
1320
1321 conn = dir_connection_new(tor_addr_family(&addr));
1322
1323 /* set up conn so it's got all the data we need to remember */
1324 tor_addr_copy(&conn->base_.addr, &addr);
1325 conn->base_.port = port;
1326 conn->base_.address = tor_addr_to_str_dup(&addr);
1327 memcpy(conn->identity_digest, digest, DIGEST_LEN);
1328
1329 conn->base_.purpose = dir_purpose;
1330 conn->router_purpose = router_purpose;
1331
1332 /* give it an initial state */
1333 conn->base_.state = DIR_CONN_STATE_CONNECTING;
1334
1335 /* decide whether we can learn our IP address from this conn */
1336 /* XXXX This is a bad name for this field now. */
1337 conn->dirconn_direct = !anonymized_connection;
1338
1339 /* copy rendezvous data, if any */
1340 if (rend_query) {
1341 /* We can't have both v2 and v3+ identifier. */
1342 tor_assert_nonfatal(!hs_ident);
1343 conn->rend_data = rend_data_dup(rend_query);
1344 }
1345 if (hs_ident) {
1346 /* We can't have both v2 and v3+ identifier. */
1347 tor_assert_nonfatal(!rend_query);
1348 conn->hs_ident = hs_ident_dir_conn_dup(hs_ident);
1349 }
1350
1351 if (!anonymized_connection && !use_begindir) {
1352 /* then we want to connect to dirport directly */
1353
1354 if (options->HTTPProxy) {
1355 tor_addr_copy(&addr, &options->HTTPProxyAddr);
1356 port = options->HTTPProxyPort;
1357 }
1358
1359 // In this case we should not have picked a directory guard.
1360 if (BUG(guard_state)) {
1361 entry_guard_cancel(&guard_state);
1362 }
1363
1364 switch (connection_connect(TO_CONN(conn), conn->base_.address, &addr,
1365 port, &socket_error)) {
1366 case -1:
1367 connection_mark_for_close(TO_CONN(conn));
1368 return;
1369 case 1:
1370 /* start flushing conn */
1371 conn->base_.state = DIR_CONN_STATE_CLIENT_SENDING;
1372 /* fall through */
1373 case 0:
1374 /* queue the command on the outbuf */
1375 directory_send_command(conn, 1, request);
1376 connection_watch_events(TO_CONN(conn), READ_EVENT | WRITE_EVENT);
1377 /* writable indicates finish, readable indicates broken link,
1378 error indicates broken link in windowsland. */
1379 }
1380 } else {
1381 /* We will use a Tor circuit (maybe 1-hop, maybe 3-hop, maybe with
1382 * begindir, maybe not with begindir) */
1383
1384 entry_connection_t *linked_conn;
1385
1386 /* Anonymized tunneled connections can never share a circuit.
1387 * One-hop directory connections can share circuits with each other
1388 * but nothing else. */
1389 int iso_flags = anonymized_connection ? ISO_STREAM : ISO_SESSIONGRP;
1390
1391 /* If it's an anonymized connection, remember the fact that we
1392 * wanted it for later: maybe we'll want it again soon. */
1393 if (anonymized_connection && use_begindir)
1394 rep_hist_note_used_internal(time(NULL), 0, 1);
1395 else if (anonymized_connection && !use_begindir)
1396 rep_hist_note_used_port(time(NULL), conn->base_.port);
1397
1398 // In this case we should not have a directory guard; we'll
1399 // get a regular guard later when we build the circuit.
1400 if (BUG(anonymized_connection && guard_state)) {
1401 entry_guard_cancel(&guard_state);
1402 }
1403
1404 conn->guard_state = guard_state;
1405
1406 /* make an AP connection
1407 * populate it and add it at the right state
1408 * hook up both sides
1409 */
1410 linked_conn =
1411 connection_ap_make_link(TO_CONN(conn),
1412 conn->base_.address, conn->base_.port,
1413 digest,
1414 SESSION_GROUP_DIRCONN, iso_flags,
1415 use_begindir, !anonymized_connection);
1416 if (!linked_conn) {
1417 log_warn(LD_NET,"Making tunnel to dirserver failed.");
1418 connection_mark_for_close(TO_CONN(conn));
1419 return;
1420 }
1421
1422 if (connection_add(TO_CONN(conn)) < 0) {
1423 log_warn(LD_NET,"Unable to add connection for link to dirserver.");
1424 connection_mark_for_close(TO_CONN(conn));
1425 return;
1426 }
1427 conn->base_.state = DIR_CONN_STATE_CLIENT_SENDING;
1428 /* queue the command on the outbuf */
1429 directory_send_command(conn, 0, request);
1430
1431 connection_watch_events(TO_CONN(conn), READ_EVENT|WRITE_EVENT);
1432 connection_start_reading(ENTRY_TO_CONN(linked_conn));
1433 }
1434 }
1435
1436 /** Helper for sorting
1437 *
1438 * sort strings alphabetically
1439 *
1440 * XXXX we have a smartlist_sort_strings() function, right?
1441 */
1442 static int
1443 compare_strs_(const void **a, const void **b)
1444 {
1445 const char *s1 = *a, *s2 = *b;
1446 return strcmp(s1, s2);
1447 }
1448
1449 #define CONDITIONAL_CONSENSUS_FPR_LEN 3
1450 #if (CONDITIONAL_CONSENSUS_FPR_LEN > DIGEST_LEN)
1451 #error "conditional consensus fingerprint length is larger than digest length"
1452 #endif
1453
1454 /** Return the URL we should use for a consensus download.
1455 *
1456 * Use the "conditional consensus downloading" feature described in
1457 * dir-spec.txt, i.e.
1458 * GET .../consensus/<b>fpr</b>+<b>fpr</b>+<b>fpr</b>
1459 *
1460 * If 'resource' is provided, it is the name of a consensus flavor to request.
1461 */
1462 static char *
1463 directory_get_consensus_url(const char *resource)
1464 {
1465 char *url = NULL;
1466 const char *hyphen, *flavor;
1467 if (resource==NULL || strcmp(resource, "ns")==0) {
1468 flavor = ""; /* Request ns consensuses as "", so older servers will work*/
1469 hyphen = "";
1470 } else {
1471 flavor = resource;
1472 hyphen = "-";
1473 }
1474
1475 {
1476 char *authority_id_list;
1477 smartlist_t *authority_digests = smartlist_new();
1478
1479 SMARTLIST_FOREACH_BEGIN(router_get_trusted_dir_servers(),
1480 dir_server_t *, ds) {
1481 char *hex;
1482 if (!(ds->type & V3_DIRINFO))
1483 continue;
1484
1485 hex = tor_malloc(2*CONDITIONAL_CONSENSUS_FPR_LEN+1);
1486 base16_encode(hex, 2*CONDITIONAL_CONSENSUS_FPR_LEN+1,
1487 ds->v3_identity_digest, CONDITIONAL_CONSENSUS_FPR_LEN);
1488 smartlist_add(authority_digests, hex);
1489 } SMARTLIST_FOREACH_END(ds);
1490 smartlist_sort(authority_digests, compare_strs_);
1491 authority_id_list = smartlist_join_strings(authority_digests,
1492 "+", 0, NULL);
1493
1494 tor_asprintf(&url, "/tor/status-vote/current/consensus%s%s/%s.z",
1495 hyphen, flavor, authority_id_list);
1496
1497 SMARTLIST_FOREACH(authority_digests, char *, cp, tor_free(cp));
1498 smartlist_free(authority_digests);
1499 tor_free(authority_id_list);
1500 }
1501 return url;
1502 }
1503
1504 /**
1505 * Copies the ipv6 from source to destination, subject to buffer size limit
1506 * size. If decorate is true, makes sure the copied address is decorated.
1507 */
1508 static void
1509 copy_ipv6_address(char* destination, const char* source, size_t len,
1510 int decorate) {
1511 tor_assert(destination);
1512 tor_assert(source);
1513
1514 if (decorate && source[0] != '[') {
1515 tor_snprintf(destination, len, "[%s]", source);
1516 } else {
1517 strlcpy(destination, source, len);
1518 }
1519 }
1520
1521 /** Queue an appropriate HTTP command for <b>request</b> on
1522 * <b>conn</b>-\>outbuf. If <b>direct</b> is true, we're making a
1523 * non-anonymized connection to the dirport.
1524 */
1525 static void
1526 directory_send_command(dir_connection_t *conn,
1527 const int direct,
1528 const directory_request_t *req)
1529 {
1530 tor_assert(req);
1531 const int purpose = req->dir_purpose;
1532 const char *resource = req->resource;
1533 const char *payload = req->payload;
1534 const size_t payload_len = req->payload_len;
1535 const time_t if_modified_since = req->if_modified_since;
1536 const int anonymized_connection = dirind_is_anon(req->indirection);
1537
1538 char proxystring[256];
1539 char hoststring[128];
1540 /* NEEDS to be the same size hoststring.
1541 Will be decorated with brackets around it if it is ipv6. */
1542 char decorated_address[128];
1543 smartlist_t *headers = smartlist_new();
1544 char *url;
1545 char *accept_encoding;
1546 size_t url_len;
1547 char request[8192];
1548 size_t request_len, total_request_len = 0;
1549 const char *httpcommand = NULL;
1550
1551 tor_assert(conn);
1552 tor_assert(conn->base_.type == CONN_TYPE_DIR);
1553
1554 tor_free(conn->requested_resource);
1555 if (resource)
1556 conn->requested_resource = tor_strdup(resource);
1557
1558 /* decorate the ip address if it is ipv6 */
1559 if (strchr(conn->base_.address, ':')) {
1560 copy_ipv6_address(decorated_address, conn->base_.address,
1561 sizeof(decorated_address), 1);
1562 } else {
1563 strlcpy(decorated_address, conn->base_.address, sizeof(decorated_address));
1564 }
1565
1566 /* come up with a string for which Host: we want */
1567 if (conn->base_.port == 80) {
1568 strlcpy(hoststring, decorated_address, sizeof(hoststring));
1569 } else {
1570 tor_snprintf(hoststring, sizeof(hoststring), "%s:%d",
1571 decorated_address, conn->base_.port);
1572 }
1573
1574 /* Format if-modified-since */
1575 if (if_modified_since) {
1576 char b[RFC1123_TIME_LEN+1];
1577 format_rfc1123_time(b, if_modified_since);
1578 smartlist_add_asprintf(headers, "If-Modified-Since: %s\r\n", b);
1579 }
1580
1581 /* come up with some proxy lines, if we're using one. */
1582 if (direct && get_options()->HTTPProxy) {
1583 char *base64_authenticator=NULL;
1584 const char *authenticator = get_options()->HTTPProxyAuthenticator;
1585
1586 tor_snprintf(proxystring, sizeof(proxystring),"http://%s", hoststring);
1587 if (authenticator) {
1588 base64_authenticator = alloc_http_authenticator(authenticator);
1589 if (!base64_authenticator)
1590 log_warn(LD_BUG, "Encoding http authenticator failed");
1591 }
1592 if (base64_authenticator) {
1593 smartlist_add_asprintf(headers,
1594 "Proxy-Authorization: Basic %s\r\n",
1595 base64_authenticator);
1596 tor_free(base64_authenticator);
1597 }
1598 } else {
1599 proxystring[0] = 0;
1600 }
1601
1602 if (! anonymized_connection) {
1603 /* Add Accept-Encoding. */
1604 accept_encoding = accept_encoding_header();
1605 smartlist_add_asprintf(headers, "Accept-Encoding: %s\r\n",
1606 accept_encoding);
1607 tor_free(accept_encoding);
1608 }
1609
1610 /* Add additional headers, if any */
1611 {
1612 config_line_t *h;
1613 for (h = req->additional_headers; h; h = h->next) {
1614 smartlist_add_asprintf(headers, "%s%s\r\n", h->key, h->value);
1615 }
1616 }
1617
1618 switch (purpose) {
1619 case DIR_PURPOSE_FETCH_CONSENSUS:
1620 /* resource is optional. If present, it's a flavor name */
1621 tor_assert(!payload);
1622 httpcommand = "GET";
1623 url = directory_get_consensus_url(resource);
1624 log_info(LD_DIR, "Downloading consensus from %s using %s",
1625 hoststring, url);
1626 break;
1627 case DIR_PURPOSE_FETCH_CERTIFICATE:
1628 tor_assert(resource);
1629 tor_assert(!payload);
1630 httpcommand = "GET";
1631 tor_asprintf(&url, "/tor/keys/%s", resource);
1632 break;
1633 case DIR_PURPOSE_FETCH_STATUS_VOTE:
1634 tor_assert(resource);
1635 tor_assert(!payload);
1636 httpcommand = "GET";
1637 tor_asprintf(&url, "/tor/status-vote/next/%s.z", resource);
1638 break;
1639 case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES:
1640 tor_assert(!resource);
1641 tor_assert(!payload);
1642 httpcommand = "GET";
1643 url = tor_strdup("/tor/status-vote/next/consensus-signatures.z");
1644 break;
1645 case DIR_PURPOSE_FETCH_SERVERDESC:
1646 tor_assert(resource);
1647 httpcommand = "GET";
1648 tor_asprintf(&url, "/tor/server/%s", resource);
1649 break;
1650 case DIR_PURPOSE_FETCH_EXTRAINFO:
1651 tor_assert(resource);
1652 httpcommand = "GET";
1653 tor_asprintf(&url, "/tor/extra/%s", resource);
1654 break;
1655 case DIR_PURPOSE_FETCH_MICRODESC:
1656 tor_assert(resource);
1657 httpcommand = "GET";
1658 tor_asprintf(&url, "/tor/micro/%s", resource);
1659 break;
1660 case DIR_PURPOSE_UPLOAD_DIR: {
1661 const char *why = router_get_descriptor_gen_reason();
1662 tor_assert(!resource);
1663 tor_assert(payload);
1664 httpcommand = "POST";
1665 url = tor_strdup("/tor/");
1666 if (!why) {
1667 why = "for no reason at all";
1668 }
1669 smartlist_add_asprintf(headers, "X-Desc-Gen-Reason: %s\r\n", why);
1670 break;
1671 }
1672 case DIR_PURPOSE_UPLOAD_VOTE:
1673 tor_assert(!resource);
1674 tor_assert(payload);
1675 httpcommand = "POST";
1676 url = tor_strdup("/tor/post/vote");
1677 break;
1678 case DIR_PURPOSE_UPLOAD_SIGNATURES:
1679 tor_assert(!resource);
1680 tor_assert(payload);
1681 httpcommand = "POST";
1682 url = tor_strdup("/tor/post/consensus-signature");
1683 break;
1684 case DIR_PURPOSE_FETCH_RENDDESC_V2:
1685 tor_assert(resource);
1686 tor_assert(strlen(resource) <= REND_DESC_ID_V2_LEN_BASE32);
1687 tor_assert(!payload);
1688 httpcommand = "GET";
1689 tor_asprintf(&url, "/tor/rendezvous2/%s", resource);
1690 break;
1691 case DIR_PURPOSE_FETCH_HSDESC:
1692 tor_assert(resource);
1693 tor_assert(strlen(resource) <= ED25519_BASE64_LEN);
1694 tor_assert(!payload);
1695 httpcommand = "GET";
1696 tor_asprintf(&url, "/tor/hs/3/%s", resource);
1697 break;
1698 case DIR_PURPOSE_UPLOAD_RENDDESC_V2:
1699 tor_assert(!resource);
1700 tor_assert(payload);
1701 httpcommand = "POST";
1702 url = tor_strdup("/tor/rendezvous2/publish");
1703 break;
1704 case DIR_PURPOSE_UPLOAD_HSDESC:
1705 tor_assert(resource);
1706 tor_assert(payload);
1707 httpcommand = "POST";
1708 tor_asprintf(&url, "/tor/hs/%s/publish", resource);
1709 break;
1710 default:
1711 tor_assert(0);
1712 return;
1713 }
1714
1715 /* warn in the non-tunneled case */
1716 if (direct && (strlen(proxystring) + strlen(url) >= 4096)) {
1717 log_warn(LD_BUG,
1718 "Squid does not like URLs longer than 4095 bytes, and this "
1719 "one is %d bytes long: %s%s",
1720 (int)(strlen(proxystring) + strlen(url)), proxystring, url);
1721 }
1722
1723 tor_snprintf(request, sizeof(request), "%s %s", httpcommand, proxystring);
1724
1725 request_len = strlen(request);
1726 total_request_len += request_len;
1727 connection_buf_add(request, request_len, TO_CONN(conn));
1728
1729 url_len = strlen(url);
1730 total_request_len += url_len;
1731 connection_buf_add(url, url_len, TO_CONN(conn));
1732 tor_free(url);
1733
1734 if (!strcmp(httpcommand, "POST") || payload) {
1735 smartlist_add_asprintf(headers, "Content-Length: %lu\r\n",
1736 payload ? (unsigned long)payload_len : 0);
1737 }
1738
1739 {
1740 char *header = smartlist_join_strings(headers, "", 0, NULL);
1741 tor_snprintf(request, sizeof(request), " HTTP/1.0\r\nHost: %s\r\n%s\r\n",
1742 hoststring, header);
1743 tor_free(header);
1744 }
1745
1746 request_len = strlen(request);
1747 total_request_len += request_len;
1748 connection_buf_add(request, request_len, TO_CONN(conn));
1749
1750 if (payload) {
1751 /* then send the payload afterwards too */
1752 connection_buf_add(payload, payload_len, TO_CONN(conn));
1753 total_request_len += payload_len;
1754 }
1755
1756 SMARTLIST_FOREACH(headers, char *, h, tor_free(h));
1757 smartlist_free(headers);
1758
1759 log_debug(LD_DIR,
1760 "Sent request to directory server '%s:%d': "
1761 "(purpose: %d, request size: %"TOR_PRIuSZ", "
1762 "payload size: %"TOR_PRIuSZ")",
1763 conn->base_.address, conn->base_.port,
1764 conn->base_.purpose,
1765 (total_request_len),
1766 (payload ? payload_len : 0));
1767 }
1768
1769 /** Return true iff <b>body</b> doesn't start with a plausible router or
1770 * network-status or microdescriptor opening. This is a sign of possible
1771 * compression. */
1772 static int
1773 body_is_plausible(const char *body, size_t len, int purpose)
1774 {
1775 int i;
1776 if (len == 0)
1777 return 1; /* empty bodies don't need decompression */
1778 if (len < 32)
1779 return 0;
1780 if (purpose == DIR_PURPOSE_FETCH_MICRODESC) {
1781 return (!strcmpstart(body,"onion-key"));
1782 }
1783
1784 if (!strcmpstart(body,"router") ||
1785 !strcmpstart(body,"network-status"))
1786 return 1;
1787 for (i=0;i<32;++i) {
1788 if (!TOR_ISPRINT(body[i]) && !TOR_ISSPACE(body[i]))
1789 return 0;
1790 }
1791
1792 return 1;
1793 }
1794
1795 /** Called when we've just fetched a bunch of router descriptors in
1796 * <b>body</b>. The list <b>which</b>, if present, holds digests for
1797 * descriptors we requested: descriptor digests if <b>descriptor_digests</b>
1798 * is true, or identity digests otherwise. Parse the descriptors, validate
1799 * them, and annotate them as having purpose <b>purpose</b> and as having been
1800 * downloaded from <b>source</b>.
1801 *
1802 * Return the number of routers actually added. */
1803 static int
1804 load_downloaded_routers(const char *body, smartlist_t *which,
1805 int descriptor_digests,
1806 int router_purpose,
1807 const char *source)
1808 {
1809 char buf[256];
1810 char time_buf[ISO_TIME_LEN+1];
1811 int added = 0;
1812 int general = router_purpose == ROUTER_PURPOSE_GENERAL;
1813 format_iso_time(time_buf, time(NULL));
1814 tor_assert(source);
1815
1816 if (tor_snprintf(buf, sizeof(buf),
1817 "@downloaded-at %s\n"
1818 "@source %s\n"
1819 "%s%s%s", time_buf, escaped(source),
1820 !general ? "@purpose " : "",
1821 !general ? router_purpose_to_string(router_purpose) : "",
1822 !general ? "\n" : "")<0)
1823 return added;
1824
1825 added = router_load_routers_from_string(body, NULL, SAVED_NOWHERE, which,
1826 descriptor_digests, buf);
1827 if (added && general)
1828 control_event_boot_dir(BOOTSTRAP_STATUS_LOADING_DESCRIPTORS,
1829 count_loading_descriptors_progress());
1830 return added;
1831 }
1832
1833 static int handle_response_fetch_certificate(dir_connection_t *,
1834 const response_handler_args_t *);
1835 static int handle_response_fetch_status_vote(dir_connection_t *,
1836 const response_handler_args_t *);
1837 static int handle_response_fetch_detached_signatures(dir_connection_t *,
1838 const response_handler_args_t *);
1839 static int handle_response_fetch_desc(dir_connection_t *,
1840 const response_handler_args_t *);
1841 static int handle_response_upload_dir(dir_connection_t *,
1842 const response_handler_args_t *);
1843 static int handle_response_upload_vote(dir_connection_t *,
1844 const response_handler_args_t *);
1845 static int handle_response_upload_signatures(dir_connection_t *,
1846 const response_handler_args_t *);
1847 static int handle_response_fetch_renddesc_v2(dir_connection_t *,
1848 const response_handler_args_t *);
1849 static int handle_response_upload_renddesc_v2(dir_connection_t *,
1850 const response_handler_args_t *);
1851 static int handle_response_upload_hsdesc(dir_connection_t *,
1852 const response_handler_args_t *);
1853
1854 static int
1855 dir_client_decompress_response_body(char **bodyp, size_t *bodylenp,
1856 dir_connection_t *conn,
1857 compress_method_t compression,
1858 int anonymized_connection)
1859 {
1860 int rv = 0;
1861 const char *body = *bodyp;
1862 size_t body_len = *bodylenp;
1863 int allow_partial = (conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
1864 conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO ||
1865 conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC);
1866
1867 int plausible = body_is_plausible(body, body_len, conn->base_.purpose);
1868
1869 if (plausible && compression == NO_METHOD) {
1870 return 0;
1871 }
1872
1873 int severity = LOG_DEBUG;
1874 char *new_body = NULL;
1875 size_t new_len = 0;
1876 const char *description1, *description2;
1877 int want_to_try_both = 0;
1878 int tried_both = 0;
1879 compress_method_t guessed = detect_compression_method(body, body_len);
1880
1881 description1 = compression_method_get_human_name(compression);
1882
1883 if (BUG(description1 == NULL))
1884 description1 = compression_method_get_human_name(UNKNOWN_METHOD);
1885
1886 if (guessed == UNKNOWN_METHOD && !plausible)
1887 description2 = "confusing binary junk";
1888 else
1889 description2 = compression_method_get_human_name(guessed);
1890
1891 /* Tell the user if we don't believe what we're told about compression.*/
1892 want_to_try_both = (compression == UNKNOWN_METHOD ||
1893 guessed != compression);
1894 if (want_to_try_both) {
1895 severity = LOG_PROTOCOL_WARN;
1896 }
1897
1898 tor_log(severity, LD_HTTP,
1899 "HTTP body from server '%s:%d' was labeled as %s, "
1900 "%s it seems to be %s.%s",
1901 conn->base_.address, conn->base_.port, description1,
1902 guessed != compression?"but":"and",
1903 description2,
1904 (compression>0 && guessed>0 && want_to_try_both)?
1905 " Trying both.":"");
1906
1907 /* Try declared compression first if we can.
1908 * tor_compress_supports_method() also returns true for NO_METHOD.
1909 * Ensure that the server is not sending us data compressed using a
1910 * compression method that is not allowed for anonymous connections. */
1911 if (anonymized_connection &&
1912 ! allowed_anonymous_connection_compression_method(compression)) {
1913 warn_disallowed_anonymous_compression_method(compression);
1914 rv = -1;
1915 goto done;
1916 }
1917
1918 if (tor_compress_supports_method(compression)) {
1919 tor_uncompress(&new_body, &new_len, body, body_len, compression,
1920 !allow_partial, LOG_PROTOCOL_WARN);
1921 if (new_body) {
1922 /* We succeeded with the declared compression method. Great! */
1923 rv = 0;
1924 goto done;
1925 }
1926 }
1927
1928 /* Okay, if that didn't work, and we think that it was compressed
1929 * differently, try that. */
1930 if (anonymized_connection &&
1931 ! allowed_anonymous_connection_compression_method(guessed)) {
1932 warn_disallowed_anonymous_compression_method(guessed);
1933 rv = -1;
1934 goto done;
1935 }
1936
1937 if (tor_compress_supports_method(guessed) &&
1938 compression != guessed) {
1939 tor_uncompress(&new_body, &new_len, body, body_len, guessed,
1940 !allow_partial, LOG_INFO);
1941 tried_both = 1;
1942 }
1943 /* If we're pretty sure that we have a compressed directory, and
1944 * we didn't manage to uncompress it, then warn and bail. */
1945 if (!plausible && !new_body) {
1946 log_fn(LOG_PROTOCOL_WARN, LD_HTTP,
1947 "Unable to decompress HTTP body (tried %s%s%s, server '%s:%d').",
1948 description1,
1949 tried_both?" and ":"",
1950 tried_both?description2:"",
1951 conn->base_.address, conn->base_.port);
1952 rv = -1;
1953 goto done;
1954 }
1955
1956 done:
1957 if (new_body) {
1958 if (rv == 0) {
1959 /* success! */
1960 tor_free(*bodyp);
1961 *bodyp = new_body;
1962 *bodylenp = new_len;
1963 } else {
1964 tor_free(new_body);
1965 }
1966 }
1967
1968 return rv;
1969 }
1970
1971 /** We are a client, and we've finished reading the server's
1972 * response. Parse it and act appropriately.
1973 *
1974 * If we're still happy with using this directory server in the future, return
1975 * 0. Otherwise return -1; and the caller should consider trying the request
1976 * again.
1977 *
1978 * The caller will take care of marking the connection for close.
1979 */
1980 static int
1981 connection_dir_client_reached_eof(dir_connection_t *conn)
1982 {
1983 char *body = NULL;
1984 char *headers = NULL;
1985 char *reason = NULL;
1986 size_t body_len = 0;
1987 int status_code;
1988 time_t date_header = 0;
1989 long apparent_skew;
1990 compress_method_t compression;
1991 int skewed = 0;
1992 int rv;
1993 int allow_partial = (conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
1994 conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO ||
1995 conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC);
1996 size_t received_bytes;
1997 const int anonymized_connection =
1998 purpose_needs_anonymity(conn->base_.purpose,
1999 conn->router_purpose,
2000 conn->requested_resource);
2001
2002 received_bytes = connection_get_inbuf_len(TO_CONN(conn));
2003
2004 switch (connection_fetch_from_buf_http(TO_CONN(conn),
2005 &headers, MAX_HEADERS_SIZE,
2006 &body, &body_len, MAX_DIR_DL_SIZE,
2007 allow_partial)) {
2008 case -1: /* overflow */
2009 log_warn(LD_PROTOCOL,
2010 "'fetch' response too large (server '%s:%d'). Closing.",
2011 conn->base_.address, conn->base_.port);
2012 return -1;
2013 case 0:
2014 log_info(LD_HTTP,
2015 "'fetch' response not all here, but we're at eof. Closing.");
2016 return -1;
2017 /* case 1, fall through */
2018 }
2019
2020 if (parse_http_response(headers, &status_code, &date_header,
2021 &compression, &reason) < 0) {
2022 log_warn(LD_HTTP,"Unparseable headers (server '%s:%d'). Closing.",
2023 conn->base_.address, conn->base_.port);
2024
2025 rv = -1;
2026 goto done;
2027 }
2028 if (!reason) reason = tor_strdup("[no reason given]");
2029
2030 tor_log(LOG_DEBUG, LD_DIR,
2031 "Received response from directory server '%s:%d': %d %s "
2032 "(purpose: %d, response size: %"TOR_PRIuSZ
2033 #ifdef MEASUREMENTS_21206
2034 ", data cells received: %d, data cells sent: %d"
2035 #endif
2036 ", compression: %d)",
2037 conn->base_.address, conn->base_.port, status_code,
2038 escaped(reason), conn->base_.purpose,
2039 (received_bytes),
2040 #ifdef MEASUREMENTS_21206
2041 conn->data_cells_received, conn->data_cells_sent,
2042 #endif
2043 compression);
2044
2045 if (conn->guard_state) {
2046 /* we count the connection as successful once we can read from it. We do
2047 * not, however, delay use of the circuit here, since it's just for a
2048 * one-hop directory request. */
2049 /* XXXXprop271 note that this will not do the right thing for other
2050 * waiting circuits that would be triggered by this circuit becoming
2051 * complete/usable. But that's ok, I think.
2052 */
2053 entry_guard_succeeded(&conn->guard_state);
2054 circuit_guard_state_free(conn->guard_state);
2055 conn->guard_state = NULL;
2056 }
2057
2058 /* now check if it's got any hints for us about our IP address. */
2059 if (conn->dirconn_direct) {
2060 char *guess = http_get_header(headers, X_ADDRESS_HEADER);
2061 if (guess) {
2062 router_new_address_suggestion(guess, conn);
2063 tor_free(guess);
2064 }
2065 }
2066
2067 if (date_header > 0) {
2068 /* The date header was written very soon after we sent our request,
2069 * so compute the skew as the difference between sending the request
2070 * and the date header. (We used to check now-date_header, but that's
2071 * inaccurate if we spend a lot of time downloading.)
2072 */
2073 apparent_skew = conn->base_.timestamp_last_write_allowed - date_header;
2074 if (labs(apparent_skew)>ALLOW_DIRECTORY_TIME_SKEW) {
2075 int trusted = router_digest_is_trusted_dir(conn->identity_digest);
2076 clock_skew_warning(TO_CONN(conn), apparent_skew, trusted, LD_HTTP,
2077 "directory", "DIRSERV");
2078 skewed = 1; /* don't check the recommended-versions line */
2079 } else {
2080 log_debug(LD_HTTP, "Time on received directory is within tolerance; "
2081 "we are %ld seconds skewed. (That's okay.)", apparent_skew);
2082 }
2083 }
2084 (void) skewed; /* skewed isn't used yet. */
2085
2086 if (status_code == 503) {
2087 routerstatus_t *rs;
2088 dir_server_t *ds;
2089 const char *id_digest = conn->identity_digest;
2090 log_info(LD_DIR,"Received http status code %d (%s) from server "
2091 "'%s:%d'. I'll try again soon.",
2092 status_code, escaped(reason), conn->base_.address,
2093 conn->base_.port);
2094 time_t now = approx_time();
2095 if ((rs = router_get_mutable_consensus_status_by_id(id_digest)))
2096 rs->last_dir_503_at = now;
2097 if ((ds = router_get_fallback_dirserver_by_digest(id_digest)))
2098 ds->fake_status.last_dir_503_at = now;
2099
2100 rv = -1;
2101 goto done;
2102 }
2103
2104 if (dir_client_decompress_response_body(&body, &body_len,
2105 conn, compression, anonymized_connection) < 0) {
2106 rv = -1;
2107 goto done;
2108 }
2109
2110 response_handler_args_t args;
2111 memset(&args, 0, sizeof(args));
2112 args.status_code = status_code;
2113 args.reason = reason;
2114 args.body = body;
2115 args.body_len = body_len;
2116 args.headers = headers;
2117
2118 switch (conn->base_.purpose) {
2119 case DIR_PURPOSE_FETCH_CONSENSUS:
2120 rv = handle_response_fetch_consensus(conn, &args);
2121 break;
2122 case DIR_PURPOSE_FETCH_CERTIFICATE:
2123 rv = handle_response_fetch_certificate(conn, &args);
2124 break;
2125 case DIR_PURPOSE_FETCH_STATUS_VOTE:
2126 rv = handle_response_fetch_status_vote(conn, &args);
2127 break;
2128 case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES:
2129 rv = handle_response_fetch_detached_signatures(conn, &args);
2130 break;
2131 case DIR_PURPOSE_FETCH_SERVERDESC:
2132 case DIR_PURPOSE_FETCH_EXTRAINFO:
2133 rv = handle_response_fetch_desc(conn, &args);
2134 break;
2135 case DIR_PURPOSE_FETCH_MICRODESC:
2136 rv = handle_response_fetch_microdesc(conn, &args);
2137 break;
2138 case DIR_PURPOSE_FETCH_RENDDESC_V2:
2139 rv = handle_response_fetch_renddesc_v2(conn, &args);
2140 break;
2141 case DIR_PURPOSE_UPLOAD_DIR:
2142 rv = handle_response_upload_dir(conn, &args);
2143 break;
2144 case DIR_PURPOSE_UPLOAD_SIGNATURES:
2145 rv = handle_response_upload_signatures(conn, &args);
2146 break;
2147 case DIR_PURPOSE_UPLOAD_VOTE:
2148 rv = handle_response_upload_vote(conn, &args);
2149 break;
2150 case DIR_PURPOSE_UPLOAD_RENDDESC_V2:
2151 rv = handle_response_upload_renddesc_v2(conn, &args);
2152 break;
2153 case DIR_PURPOSE_UPLOAD_HSDESC:
2154 rv = handle_response_upload_hsdesc(conn, &args);
2155 break;
2156 case DIR_PURPOSE_FETCH_HSDESC:
2157 rv = handle_response_fetch_hsdesc_v3(conn, &args);
2158 break;
2159 default:
2160 tor_assert_nonfatal_unreached();
2161 rv = -1;
2162 break;
2163 }
2164
2165 done:
2166 tor_free(body);
2167 tor_free(headers);
2168 tor_free(reason);
2169 return rv;
2170 }
2171
2172 /**
2173 * Handler function: processes a response to a request for a networkstatus
2174 * consensus document by checking the consensus, storing it, and marking
2175 * router requests as reachable.
2176 **/
2177 STATIC int
2178 handle_response_fetch_consensus(dir_connection_t *conn,
2179 const response_handler_args_t *args)
2180 {
2181 tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_CONSENSUS);
2182 const int status_code = args->status_code;
2183 const char *body = args->body;
2184 const size_t body_len = args->body_len;
2185 const char *reason = args->reason;
2186 const time_t now = approx_time();
2187
2188 const char *consensus;
2189 char *new_consensus = NULL;
2190 const char *sourcename;
2191
2192 int r;
2193 const char *flavname = conn->requested_resource;
2194 if (status_code != 200) {
2195 int severity = (status_code == 304) ? LOG_INFO : LOG_WARN;
2196 tor_log(severity, LD_DIR,
2197 "Received http status code %d (%s) from server "
2198 "'%s:%d' while fetching consensus directory.",
2199 status_code, escaped(reason), conn->base_.address,
2200 conn->base_.port);
2201 networkstatus_consensus_download_failed(status_code, flavname);
2202 return -1;
2203 }
2204
2205 if (looks_like_a_consensus_diff(body, body_len)) {
2206 /* First find our previous consensus. Maybe it's in ram, maybe not. */
2207 cached_dir_t *cd = dirserv_get_consensus(flavname);
2208 const char *consensus_body = NULL;
2209 size_t consensus_body_len;
2210 tor_mmap_t *mapped_consensus = NULL;
2211 if (cd) {
2212 consensus_body = cd->dir;
2213 consensus_body_len = cd->dir_len;
2214 } else {
2215 mapped_consensus = networkstatus_map_cached_consensus(flavname);
2216 if (mapped_consensus) {
2217 consensus_body = mapped_consensus->data;
2218 consensus_body_len = mapped_consensus->size;
2219 }
2220 }
2221 if (!consensus_body) {
2222 log_warn(LD_DIR, "Received a consensus diff, but we can't find "
2223 "any %s-flavored consensus in our current cache.",flavname);
2224 tor_munmap_file(mapped_consensus);
2225 networkstatus_consensus_download_failed(0, flavname);
2226 // XXXX if this happens too much, see below
2227 return -1;
2228 }
2229
2230 new_consensus = consensus_diff_apply(consensus_body, consensus_body_len,
2231 body, body_len);
2232 tor_munmap_file(mapped_consensus);
2233 if (new_consensus == NULL) {
2234 log_warn(LD_DIR, "Could not apply consensus diff received from server "
2235 "'%s:%d'", conn->base_.address, conn->base_.port);
2236 // XXXX If this happens too many times, we should maybe not use
2237 // XXXX this directory for diffs any more?
2238 networkstatus_consensus_download_failed(0, flavname);
2239 return -1;
2240 }
2241 log_info(LD_DIR, "Applied consensus diff (size %d) from server "
2242 "'%s:%d', resulting in a new consensus document (size %d).",
2243 (int)body_len, conn->base_.address, conn->base_.port,
2244 (int)strlen(new_consensus));
2245 consensus = new_consensus;
2246 sourcename = "generated based on a diff";
2247 } else {
2248 log_info(LD_DIR,"Received consensus directory (body size %d) from server "
2249 "'%s:%d'", (int)body_len, conn->base_.address, conn->base_.port);
2250 consensus = body;
2251 sourcename = "downloaded";
2252 }
2253
2254 if ((r=networkstatus_set_current_consensus(consensus,
2255 strlen(consensus),
2256 flavname, 0,
2257 conn->identity_digest))<0) {
2258 log_fn(r<-1?LOG_WARN:LOG_INFO, LD_DIR,
2259 "Unable to load %s consensus directory %s from "
2260 "server '%s:%d'. I'll try again soon.",
2261 flavname, sourcename, conn->base_.address, conn->base_.port);
2262 networkstatus_consensus_download_failed(0, flavname);
2263 tor_free(new_consensus);
2264 return -1;
2265 }
2266
2267 /* If we launched other fetches for this consensus, cancel them. */
2268 connection_dir_close_consensus_fetches(conn, flavname);
2269
2270 /* update the list of routers and directory guards */
2271 routers_update_all_from_networkstatus(now, 3);
2272 update_microdescs_from_networkstatus(now);
2273 directory_info_has_arrived(now, 0, 0);
2274
2275 if (authdir_mode_v3(get_options())) {
2276 sr_act_post_consensus(
2277 networkstatus_get_latest_consensus_by_flavor(FLAV_NS));
2278 }
2279 log_info(LD_DIR, "Successfully loaded consensus.");
2280
2281 tor_free(new_consensus);
2282 return 0;
2283 }
2284
2285 /**
2286 * Handler function: processes a response to a request for one or more
2287 * authority certificates
2288 **/
2289 static int
2290 handle_response_fetch_certificate(dir_connection_t *conn,
2291 const response_handler_args_t *args)
2292 {
2293 tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_CERTIFICATE);
2294 const int status_code = args->status_code;
2295 const char *reason = args->reason;
2296 const char *body = args->body;
2297 const size_t body_len = args->body_len;
2298
2299 if (status_code != 200) {
2300 log_warn(LD_DIR,
2301 "Received http status code %d (%s) from server "
2302 "'%s:%d' while fetching \"/tor/keys/%s\".",
2303 status_code, escaped(reason), conn->base_.address,
2304 conn->base_.port, conn->requested_resource);
2305 connection_dir_download_cert_failed(conn, status_code);
2306 return -1;
2307 }
2308 log_info(LD_DIR,"Received authority certificates (body size %d) from "
2309 "server '%s:%d'",
2310 (int)body_len, conn->base_.address, conn->base_.port);
2311
2312 /*
2313 * Tell trusted_dirs_load_certs_from_string() whether it was by fp
2314 * or fp-sk pair.
2315 */
2316 int src_code = -1;
2317 if (!strcmpstart(conn->requested_resource, "fp/")) {
2318 src_code = TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_DIGEST;
2319 } else if (!strcmpstart(conn->requested_resource, "fp-sk/")) {
2320 src_code = TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_SK_DIGEST;
2321 }
2322
2323 if (src_code != -1) {
2324 if (trusted_dirs_load_certs_from_string(body, src_code, 1,
2325 conn->identity_digest)<0) {
2326 log_warn(LD_DIR, "Unable to parse fetched certificates");
2327 /* if we fetched more than one and only some failed, the successful
2328 * ones got flushed to disk so it's safe to call this on them */
2329 connection_dir_download_cert_failed(conn, status_code);
2330 } else {
2331 time_t now = approx_time();
2332 directory_info_has_arrived(now, 0, 0);
2333 log_info(LD_DIR, "Successfully loaded certificates from fetch.");
2334 }
2335 } else {
2336 log_warn(LD_DIR,
2337 "Couldn't figure out what to do with fetched certificates for "
2338 "unknown resource %s",
2339 conn->requested_resource);
2340 connection_dir_download_cert_failed(conn, status_code);
2341 }
2342 return 0;
2343 }
2344
2345 /**
2346 * Handler function: processes a response to a request for an authority's
2347 * current networkstatus vote.
2348 **/
2349 static int
2350 handle_response_fetch_status_vote(dir_connection_t *conn,
2351 const response_handler_args_t *args)
2352 {
2353 tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_STATUS_VOTE);
2354 const int status_code = args->status_code;
2355 const char *reason = args->reason;
2356 const char *body = args->body;
2357 const size_t body_len = args->body_len;
2358
2359 const char *msg;
2360 int st;
2361 log_info(LD_DIR,"Got votes (body size %d) from server %s:%d",
2362 (int)body_len, conn->base_.address, conn->base_.port);
2363 if (status_code != 200) {
2364 log_warn(LD_DIR,
2365 "Received http status code %d (%s) from server "
2366 "'%s:%d' while fetching \"/tor/status-vote/next/%s.z\".",
2367 status_code, escaped(reason), conn->base_.address,
2368 conn->base_.port, conn->requested_resource);
2369 return -1;
2370 }
2371 dirvote_add_vote(body, &msg, &st);
2372 if (st > 299) {
2373 log_warn(LD_DIR, "Error adding retrieved vote: %s", msg);
2374 } else {
2375 log_info(LD_DIR, "Added vote(s) successfully [msg: %s]", msg);
2376 }
2377
2378 return 0;
2379 }
2380
2381 /**
2382 * Handler function: processes a response to a request for the signatures
2383 * that an authority knows about on a given consensus.
2384 **/
2385 static int
2386 handle_response_fetch_detached_signatures(dir_connection_t *conn,
2387 const response_handler_args_t *args)
2388 {
2389 tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_DETACHED_SIGNATURES);
2390 const int status_code = args->status_code;
2391 const char *reason = args->reason;
2392 const char *body = args->body;
2393 const size_t body_len = args->body_len;
2394
2395 const char *msg = NULL;
2396 log_info(LD_DIR,"Got detached signatures (body size %d) from server %s:%d",
2397 (int)body_len, conn->base_.address, conn->base_.port);
2398 if (status_code != 200) {
2399 log_warn(LD_DIR,
2400 "Received http status code %d (%s) from server '%s:%d' while fetching "
2401 "\"/tor/status-vote/next/consensus-signatures.z\".",
2402 status_code, escaped(reason), conn->base_.address,
2403 conn->base_.port);
2404 return -1;
2405 }
2406 if (dirvote_add_signatures(body, conn->base_.address, &msg)<0) {
2407 log_warn(LD_DIR, "Problem adding detached signatures from %s:%d: %s",
2408 conn->base_.address, conn->base_.port, msg?msg:"???");
2409 }
2410
2411 return 0;
2412 }
2413
2414 /**
2415 * Handler function: processes a response to a request for a group of server
2416 * descriptors or an extrainfo documents.
2417 **/
2418 static int
2419 handle_response_fetch_desc(dir_connection_t *conn,
2420 const response_handler_args_t *args)
2421 {
2422 tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
2423 conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO);
2424 const int status_code = args->status_code;
2425 const char *reason = args->reason;
2426 const char *body = args->body;
2427 const size_t body_len = args->body_len;
2428
2429 int was_ei = conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO;
2430 smartlist_t *which = NULL;
2431 int n_asked_for = 0;
2432 int descriptor_digests = conn->requested_resource &&
2433 !strcmpstart(conn->requested_resource,"d/");
2434 log_info(LD_DIR,"Received %s (body size %d) from server '%s:%d'",
2435 was_ei ? "extra server info" : "server info",
2436 (int)body_len, conn->base_.address, conn->base_.port);
2437 if (conn->requested_resource &&
2438 (!strcmpstart(conn->requested_resource,"d/") ||
2439 !strcmpstart(conn->requested_resource,"fp/"))) {
2440 which = smartlist_new();
2441 dir_split_resource_into_fingerprints(conn->requested_resource +
2442 (descriptor_digests ? 2 : 3),
2443 which, NULL, 0);
2444 n_asked_for = smartlist_len(which);
2445 }
2446 if (status_code != 200) {
2447 int dir_okay = status_code == 404 ||
2448 (status_code == 400 && !strcmp(reason, "Servers unavailable."));
2449 /* 404 means that it didn't have them; no big deal.
2450 * Older (pre-0.1.1.8) servers said 400 Servers unavailable instead. */
2451 log_fn(dir_okay ? LOG_INFO : LOG_WARN, LD_DIR,
2452 "Received http status code %d (%s) from server '%s:%d' "
2453 "while fetching \"/tor/server/%s\". I'll try again soon.",
2454 status_code, escaped(reason), conn->base_.address,
2455 conn->base_.port, conn->requested_resource);
2456 if (!which) {
2457 connection_dir_download_routerdesc_failed(conn);
2458 } else {
2459 dir_routerdesc_download_failed(which, status_code,
2460 conn->router_purpose,
2461 was_ei, descriptor_digests);
2462 SMARTLIST_FOREACH(which, char *, cp, tor_free(cp));
2463 smartlist_free(which);
2464 }
2465 return dir_okay ? 0 : -1;
2466 }
2467 /* Learn the routers, assuming we requested by fingerprint or "all"
2468 * or "authority".
2469 *
2470 * We use "authority" to fetch our own descriptor for
2471 * testing, and to fetch bridge descriptors for bootstrapping. Ignore
2472 * the output of "authority" requests unless we are using bridges,
2473 * since otherwise they'll be the response from reachability tests,
2474 * and we don't really want to add that to our routerlist. */
2475 if (which || (conn->requested_resource &&
2476 (!strcmpstart(conn->requested_resource, "all") ||
2477 (!strcmpstart(conn->requested_resource, "authority") &&
2478 get_options()->UseBridges)))) {
2479 /* as we learn from them, we remove them from 'which' */
2480 if (was_ei) {
2481 router_load_extrainfo_from_string(body, NULL, SAVED_NOWHERE, which,
2482 descriptor_digests);
2483 } else {
2484 //router_load_routers_from_string(body, NULL, SAVED_NOWHERE, which,
2485 // descriptor_digests, conn->router_purpose);
2486 if (load_downloaded_routers(body, which, descriptor_digests,
2487 conn->router_purpose,
2488 conn->base_.address)) {
2489 time_t now = approx_time();
2490 directory_info_has_arrived(now, 0, 1);
2491 }
2492 }
2493 }
2494 if (which) { /* mark remaining ones as failed */
2495 log_info(LD_DIR, "Received %d/%d %s requested from %s:%d",
2496 n_asked_for-smartlist_len(which), n_asked_for,
2497 was_ei ? "extra-info documents" : "router descriptors",
2498 conn->base_.address, (int)conn->base_.port);
2499 if (smartlist_len(which)) {
2500 dir_routerdesc_download_failed(which, status_code,
2501 conn->router_purpose,
2502 was_ei, descriptor_digests);
2503 }
2504 SMARTLIST_FOREACH(which, char *, cp, tor_free(cp));
2505 smartlist_free(which);
2506 }
2507 if (directory_conn_is_self_reachability_test(conn))
2508 router_dirport_found_reachable();
2509
2510 return 0;
2511 }
2512
2513 /**
2514 * Handler function: processes a response to a request for a group of
2515 * microdescriptors
2516 **/
2517 STATIC int
2518 handle_response_fetch_microdesc(dir_connection_t *conn,
2519 const response_handler_args_t *args)
2520 {
2521 tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC);
2522 const int status_code = args->status_code;
2523 const char *reason = args->reason;
2524 const char *body = args->body;
2525 const size_t body_len = args->body_len;
2526
2527 smartlist_t *which = NULL;
2528 log_info(LD_DIR,"Received answer to microdescriptor request (status %d, "
2529 "body size %d) from server '%s:%d'",
2530 status_code, (int)body_len, conn->base_.address,
2531 conn->base_.port);
2532 tor_assert(conn->requested_resource &&
2533 !strcmpstart(conn->requested_resource, "d/"));
2534 tor_assert_nonfatal(!tor_mem_is_zero(conn->identity_digest, DIGEST_LEN));
2535 which = smartlist_new();
2536 dir_split_resource_into_fingerprints(conn->requested_resource+2,
2537 which, NULL,
2538 DSR_DIGEST256|DSR_BASE64);
2539 if (status_code != 200) {
2540 log_info(LD_DIR, "Received status code %d (%s) from server "
2541 "'%s:%d' while fetching \"/tor/micro/%s\". I'll try again "
2542 "soon.",
2543 status_code, escaped(reason), conn->base_.address,
2544 (int)conn->base_.port, conn->requested_resource);
2545 dir_microdesc_download_failed(which, status_code, conn->identity_digest);
2546 SMARTLIST_FOREACH(which, char *, cp, tor_free(cp));
2547 smartlist_free(which);
2548 return 0;
2549 } else {
2550 smartlist_t *mds;
2551 time_t now = approx_time();
2552 mds = microdescs_add_to_cache(get_microdesc_cache(),
2553 body, body+body_len, SAVED_NOWHERE, 0,
2554 now, which);
2555 if (smartlist_len(which)) {
2556 /* Mark remaining ones as failed. */
2557 dir_microdesc_download_failed(which, status_code, conn->identity_digest);
2558 }
2559 if (mds && smartlist_len(mds)) {
2560 control_event_boot_dir(BOOTSTRAP_STATUS_LOADING_DESCRIPTORS,
2561 count_loading_descriptors_progress());
2562 directory_info_has_arrived(now, 0, 1);
2563 }
2564 SMARTLIST_FOREACH(which, char *, cp, tor_free(cp));
2565 smartlist_free(which);
2566 smartlist_free(mds);
2567 }
2568
2569 return 0;
2570 }
2571
2572 /**
2573 * Handler function: processes a response to a POST request to upload our
2574 * router descriptor.
2575 **/
2576 static int
2577 handle_response_upload_dir(dir_connection_t *conn,
2578 const response_handler_args_t *args)
2579 {
2580 tor_assert(conn->base_.purpose == DIR_PURPOSE_UPLOAD_DIR);
2581 const int status_code = args->status_code;
2582 const char *reason = args->reason;
2583 const char *headers = args->headers;
2584
2585 switch (status_code) {
2586 case 200: {
2587 dir_server_t *ds =
2588 router_get_trusteddirserver_by_digest(conn->identity_digest);
2589 char *rejected_hdr = http_get_header(headers,
2590 "X-Descriptor-Not-New: ");
2591 if (rejected_hdr) {
2592 if (!strcmp(rejected_hdr, "Yes")) {
2593 log_info(LD_GENERAL,
2594 "Authority '%s' declined our descriptor (not new)",
2595 ds->nickname);
2596 /* XXXX use this information; be sure to upload next one
2597 * sooner. -NM */
2598 /* XXXX++ On further thought, the task above implies that we're
2599 * basing our regenerate-descriptor time on when we uploaded the
2600 * last descriptor, not on the published time of the last
2601 * descriptor. If those are different, that's a bad thing to
2602 * do. -NM */
2603 }
2604 tor_free(rejected_hdr);
2605 }
2606 log_info(LD_GENERAL,"eof (status 200) after uploading server "
2607 "descriptor: finished.");
2608 control_event_server_status(
2609 LOG_NOTICE, "ACCEPTED_SERVER_DESCRIPTOR DIRAUTH=%s:%d",
2610 conn->base_.address, conn->base_.port);
2611
2612 ds->has_accepted_serverdesc = 1;
2613 if (directories_have_accepted_server_descriptor())
2614 control_event_server_status(LOG_NOTICE, "GOOD_SERVER_DESCRIPTOR");
2615 }
2616 break;
2617 case 400:
2618 log_warn(LD_GENERAL,"http status 400 (%s) response from "
2619 "dirserver '%s:%d'. Please correct.",
2620 escaped(reason), conn->base_.address, conn->base_.port);
2621 control_event_server_status(LOG_WARN,
2622 "BAD_SERVER_DESCRIPTOR DIRAUTH=%s:%d REASON=\"%s\"",
2623 conn->base_.address, conn->base_.port, escaped(reason));
2624 break;
2625 default:
2626 log_warn(LD_GENERAL,
2627 "HTTP status %d (%s) was unexpected while uploading "
2628 "descriptor to server '%s:%d'. Possibly the server is "
2629 "misconfigured?",
2630 status_code, escaped(reason), conn->base_.address,
2631 conn->base_.port);
2632 break;
2633 }
2634 /* return 0 in all cases, since we don't want to mark any
2635 * dirservers down just because they don't like us. */
2636
2637 return 0;
2638 }
2639
2640 /**
2641 * Handler function: processes a response to POST request to upload our
2642 * own networkstatus vote.
2643 **/
2644 static int
2645 handle_response_upload_vote(dir_connection_t *conn,
2646 const response_handler_args_t *args)
2647 {
2648 tor_assert(conn->base_.purpose == DIR_PURPOSE_UPLOAD_VOTE);
2649 const int status_code = args->status_code;
2650 const char *reason = args->reason;
2651
2652 switch (status_code) {
2653 case 200: {
2654 log_notice(LD_DIR,"Uploaded a vote to dirserver %s:%d",
2655 conn->base_.address, conn->base_.port);
2656 }
2657 break;
2658 case 400:
2659 log_warn(LD_DIR,"http status 400 (%s) response after uploading "
2660 "vote to dirserver '%s:%d'. Please correct.",
2661 escaped(reason), conn->base_.address, conn->base_.port);
2662 break;
2663 default:
2664 log_warn(LD_GENERAL,
2665 "HTTP status %d (%s) was unexpected while uploading "
2666 "vote to server '%s:%d'.",
2667 status_code, escaped(reason), conn->base_.address,
2668 conn->base_.port);
2669 break;
2670 }
2671 /* return 0 in all cases, since we don't want to mark any
2672 * dirservers down just because they don't like us. */
2673 return 0;
2674 }
2675
2676 /**
2677 * Handler function: processes a response to POST request to upload our
2678 * view of the signatures on the current consensus.
2679 **/
2680 static int
2681 handle_response_upload_signatures(dir_connection_t *conn,
2682 const response_handler_args_t *args)
2683 {
2684 tor_assert(conn->base_.purpose == DIR_PURPOSE_UPLOAD_SIGNATURES);
2685 const int status_code = args->status_code;
2686 const char *reason = args->reason;
2687
2688 switch (status_code) {
2689 case 200: {
2690 log_notice(LD_DIR,"Uploaded signature(s) to dirserver %s:%d",
2691 conn->base_.address, conn->base_.port);
2692 }
2693 break;
2694 case 400:
2695 log_warn(LD_DIR,"http status 400 (%s) response after uploading "
2696 "signatures to dirserver '%s:%d'. Please correct.",
2697 escaped(reason), conn->base_.address, conn->base_.port);
2698 break;
2699 default:
2700 log_warn(LD_GENERAL,
2701 "HTTP status %d (%s) was unexpected while uploading "
2702 "signatures to server '%s:%d'.",
2703 status_code, escaped(reason), conn->base_.address,
2704 conn->base_.port);
2705 break;
2706 }
2707 /* return 0 in all cases, since we don't want to mark any
2708 * dirservers down just because they don't like us. */
2709
2710 return 0;
2711 }
2712
2713 /**
2714 * Handler function: processes a response to a request for a v3 hidden service
2715 * descriptor.
2716 **/
2717 STATIC int
2718 handle_response_fetch_hsdesc_v3(dir_connection_t *conn,
2719 const response_handler_args_t *args)
2720 {
2721 const int status_code = args->status_code;
2722 const char *reason = args->reason;
2723 const char *body = args->body;
2724 const size_t body_len = args->body_len;
2725
2726 tor_assert(conn->hs_ident);
2727
2728 log_info(LD_REND,"Received v3 hsdesc (body size %d, status %d (%s))",
2729 (int)body_len, status_code, escaped(reason));
2730
2731 switch (status_code) {
2732 case 200:
2733 /* We got something: Try storing it in the cache. */
2734 if (hs_cache_store_as_client(body, &conn->hs_ident->identity_pk) < 0) {
2735 log_info(LD_REND, "Failed to store hidden service descriptor");
2736 /* Fire control port FAILED event. */
2737 hs_control_desc_event_failed(conn->hs_ident, conn->identity_digest,
2738 "BAD_DESC");
2739 hs_control_desc_event_content(conn->hs_ident, conn->identity_digest,
2740 NULL);
2741 } else {
2742 log_info(LD_REND, "Stored hidden service descriptor successfully.");
2743 TO_CONN(conn)->purpose = DIR_PURPOSE_HAS_FETCHED_HSDESC;
2744 hs_client_desc_has_arrived(conn->hs_ident);
2745 /* Fire control port RECEIVED event. */
2746 hs_control_desc_event_received(conn->hs_ident, conn->identity_digest);
2747 hs_control_desc_event_content(conn->hs_ident, conn->identity_digest,
2748 body);
2749 }
2750 break;
2751 case 404:
2752 /* Not there. We'll retry when connection_about_to_close_connection()
2753 * tries to clean this conn up. */
2754 log_info(LD_REND, "Fetching hidden service v3 descriptor not found: "
2755 "Retrying at another directory.");
2756 /* Fire control port FAILED event. */
2757 hs_control_desc_event_failed(conn->hs_ident, conn->identity_digest,
2758 "NOT_FOUND");
2759 hs_control_desc_event_content(conn->hs_ident, conn->identity_digest,
2760 NULL);
2761 break;
2762 case 400:
2763 log_warn(LD_REND, "Fetching v3 hidden service descriptor failed: "
2764 "http status 400 (%s). Dirserver didn't like our "
2765 "query? Retrying at another directory.",
2766 escaped(reason));
2767 /* Fire control port FAILED event. */
2768 hs_control_desc_event_failed(conn->hs_ident, conn->identity_digest,
2769 "QUERY_REJECTED");
2770 hs_control_desc_event_content(conn->hs_ident, conn->identity_digest,
2771 NULL);
2772 break;
2773 default:
2774 log_warn(LD_REND, "Fetching v3 hidden service descriptor failed: "
2775 "http status %d (%s) response unexpected from HSDir server "
2776 "'%s:%d'. Retrying at another directory.",
2777 status_code, escaped(reason), TO_CONN(conn)->address,
2778 TO_CONN(conn)->port);
2779 /* Fire control port FAILED event. */
2780 hs_control_desc_event_failed(conn->hs_ident, conn->identity_digest,
2781 "UNEXPECTED");
2782 hs_control_desc_event_content(conn->hs_ident, conn->identity_digest,
2783 NULL);
2784 break;
2785 }
2786
2787 return 0;
2788 }
2789
2790 /**
2791 * Handler function: processes a response to a request for a v2 hidden service
2792 * descriptor.
2793 **/
2794 static int
2795 handle_response_fetch_renddesc_v2(dir_connection_t *conn,
2796 const response_handler_args_t *args)
2797 {
2798 tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_RENDDESC_V2);
2799 const int status_code = args->status_code;
2800 const char *reason = args->reason;
2801 const char *body = args->body;
2802 const size_t body_len = args->body_len;
2803
2804 #define SEND_HS_DESC_FAILED_EVENT(reason) \
2805 (control_event_hsv2_descriptor_failed(conn->rend_data, \
2806 conn->identity_digest, \
2807 reason))
2808 #define SEND_HS_DESC_FAILED_CONTENT() \
2809 (control_event_hs_descriptor_content( \
2810 rend_data_get_address(conn->rend_data), \
2811 conn->requested_resource, \
2812 conn->identity_digest, \
2813 NULL))
2814
2815 tor_assert(conn->rend_data);
2816 log_info(LD_REND,"Received rendezvous descriptor (body size %d, status %d "
2817 "(%s))",
2818 (int)body_len, status_code, escaped(reason));
2819 switch (status_code) {
2820 case 200:
2821 {
2822 rend_cache_entry_t *entry = NULL;
2823
2824 if (rend_cache_store_v2_desc_as_client(body,
2825 conn->requested_resource,
2826 conn->rend_data, &entry) < 0) {
2827 log_warn(LD_REND,"Fetching v2 rendezvous descriptor failed. "
2828 "Retrying at another directory.");
2829 /* We'll retry when connection_about_to_close_connection()
2830 * cleans this dir conn up. */
2831 SEND_HS_DESC_FAILED_EVENT("BAD_DESC");
2832 SEND_HS_DESC_FAILED_CONTENT();
2833 } else {
2834 char service_id[REND_SERVICE_ID_LEN_BASE32 + 1];
2835 /* Should never be NULL here if we found the descriptor. */
2836 tor_assert(entry);
2837 rend_get_service_id(entry->parsed->pk, service_id);
2838
2839 /* success. notify pending connections about this. */
2840 log_info(LD_REND, "Successfully fetched v2 rendezvous "
2841 "descriptor.");
2842 control_event_hsv2_descriptor_received(service_id,
2843 conn->rend_data,
2844 conn->identity_digest);
2845 control_event_hs_descriptor_content(service_id,
2846 conn->requested_resource,
2847 conn->identity_digest,
2848 body);
2849 conn->base_.purpose = DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2;
2850 rend_client_desc_trynow(service_id);
2851 memwipe(service_id, 0, sizeof(service_id));
2852 }
2853 break;
2854 }
2855 case 404:
2856 /* Not there. We'll retry when
2857 * connection_about_to_close_connection() cleans this conn up. */
2858 log_info(LD_REND,"Fetching v2 rendezvous descriptor failed: "
2859 "Retrying at another directory.");
2860 SEND_HS_DESC_FAILED_EVENT("NOT_FOUND");
2861 SEND_HS_DESC_FAILED_CONTENT();
2862 break;
2863 case 400:
2864 log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: "
2865 "http status 400 (%s). Dirserver didn't like our "
2866 "v2 rendezvous query? Retrying at another directory.",
2867 escaped(reason));
2868 SEND_HS_DESC_FAILED_EVENT("QUERY_REJECTED");
2869 SEND_HS_DESC_FAILED_CONTENT();
2870 break;
2871 default:
2872 log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: "
2873 "http status %d (%s) response unexpected while "
2874 "fetching v2 hidden service descriptor (server '%s:%d'). "
2875 "Retrying at another directory.",
2876 status_code, escaped(reason), conn->base_.address,
2877 conn->base_.port);
2878 SEND_HS_DESC_FAILED_EVENT("UNEXPECTED");
2879 SEND_HS_DESC_FAILED_CONTENT();
2880 break;
2881 }
2882
2883 return 0;
2884 }
2885
2886 /**
2887 * Handler function: processes a response to a POST request to upload a v2
2888 * hidden service descriptor.
2889 **/
2890 static int
2891 handle_response_upload_renddesc_v2(dir_connection_t *conn,
2892 const response_handler_args_t *args)
2893 {
2894 tor_assert(conn->base_.purpose == DIR_PURPOSE_UPLOAD_RENDDESC_V2);
2895 const int status_code = args->status_code;
2896 const char *reason = args->reason;
2897
2898 #define SEND_HS_DESC_UPLOAD_FAILED_EVENT(reason) \
2899 (control_event_hs_descriptor_upload_failed( \
2900 conn->identity_digest, \
2901 rend_data_get_address(conn->rend_data), \
2902 reason))
2903
2904 log_info(LD_REND,"Uploaded rendezvous descriptor (status %d "
2905 "(%s))",
2906 status_code, escaped(reason));
2907 /* Without the rend data, we'll have a problem identifying what has been
2908 * uploaded for which service. */
2909 tor_assert(conn->rend_data);
2910 switch (status_code) {
2911 case 200:
2912 log_info(LD_REND,
2913 "Uploading rendezvous descriptor: finished with status "
2914 "200 (%s)", escaped(reason));
2915 control_event_hs_descriptor_uploaded(conn->identity_digest,
2916 rend_data_get_address(conn->rend_data));
2917 rend_service_desc_has_uploaded(conn->rend_data);
2918 break;
2919 case 400:
2920 log_warn(LD_REND,"http status 400 (%s) response from dirserver "
2921 "'%s:%d'. Malformed rendezvous descriptor?",
2922 escaped(reason), conn->base_.address, conn->base_.port);
2923 SEND_HS_DESC_UPLOAD_FAILED_EVENT("UPLOAD_REJECTED");
2924 break;
2925 default:
2926 log_warn(LD_REND,"http status %d (%s) response unexpected (server "
2927 "'%s:%d').",
2928 status_code, escaped(reason), conn->base_.address,
2929 conn->base_.port);
2930 SEND_HS_DESC_UPLOAD_FAILED_EVENT("UNEXPECTED");
2931 break;
2932 }
2933
2934 return 0;
2935 }
2936
2937 /**
2938 * Handler function: processes a response to a POST request to upload an
2939 * hidden service descriptor.
2940 **/
2941 static int
2942 handle_response_upload_hsdesc(dir_connection_t *conn,
2943 const response_handler_args_t *args)
2944 {
2945 const int status_code = args->status_code;
2946 const char *reason = args->reason;
2947
2948 tor_assert(conn);
2949 tor_assert(conn->base_.purpose == DIR_PURPOSE_UPLOAD_HSDESC);
2950
2951 log_info(LD_REND, "Uploaded hidden service descriptor (status %d "
2952 "(%s))",
2953 status_code, escaped(reason));
2954 /* For this directory response, it MUST have an hidden service identifier on
2955 * this connection. */
2956 tor_assert(conn->hs_ident);
2957 switch (status_code) {
2958 case 200:
2959 log_info(LD_REND, "Uploading hidden service descriptor: "
2960 "finished with status 200 (%s)", escaped(reason));
2961 hs_control_desc_event_uploaded(conn->hs_ident, conn->identity_digest);
2962 break;
2963 case 400:
2964 log_fn(LOG_PROTOCOL_WARN, LD_REND,
2965 "Uploading hidden service descriptor: http "
2966 "status 400 (%s) response from dirserver "
2967 "'%s:%d'. Malformed hidden service descriptor?",
2968 escaped(reason), conn->base_.address, conn->base_.port);
2969 hs_control_desc_event_failed(conn->hs_ident, conn->identity_digest,
2970 "UPLOAD_REJECTED");
2971 break;
2972 default:
2973 log_warn(LD_REND, "Uploading hidden service descriptor: http "
2974 "status %d (%s) response unexpected (server "
2975 "'%s:%d').",
2976 status_code, escaped(reason), conn->base_.address,
2977 conn->base_.port);
2978 hs_control_desc_event_failed(conn->hs_ident, conn->identity_digest,
2979 "UNEXPECTED");
2980 break;
2981 }
2982
2983 return 0;
2984 }
2985
2986 /** Called when a directory connection reaches EOF. */
2987 int
2988 connection_dir_reached_eof(dir_connection_t *conn)
2989 {
2990 int retval;
2991 if (conn->base_.state != DIR_CONN_STATE_CLIENT_READING) {
2992 log_info(LD_HTTP,"conn reached eof, not reading. [state=%d] Closing.",
2993 conn->base_.state);
2994 connection_close_immediate(TO_CONN(conn)); /* error: give up on flushing */
2995 connection_mark_for_close(TO_CONN(conn));
2996 return -1;
2997 }
2998
2999 retval = connection_dir_client_reached_eof(conn);
3000 if (retval == 0) /* success */
3001 conn->base_.state = DIR_CONN_STATE_CLIENT_FINISHED;
3002 connection_mark_for_close(TO_CONN(conn));
3003 return retval;
3004 }
3005 /** We are closing a dir connection: If <b>dir_conn</b> is a dir connection
3006 * that tried to fetch an HS descriptor, check if it successfully fetched it,
3007 * or if we need to try again. */
3008 void
3009 connection_dir_client_refetch_hsdesc_if_needed(dir_connection_t *dir_conn)
3010 {
3011 connection_t *conn = TO_CONN(dir_conn);
3012
3013 /* If we were trying to fetch a v2 rend desc and did not succeed, retry as
3014 * needed. (If a fetch is successful, the connection state is changed to
3015 * DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2 or DIR_PURPOSE_HAS_FETCHED_HSDESC to
3016 * mark that refetching is unnecessary.) */
3017 if (conn->purpose == DIR_PURPOSE_FETCH_RENDDESC_V2 &&
3018 dir_conn->rend_data &&
3019 rend_valid_v2_service_id(
3020 rend_data_get_address(dir_conn->rend_data))) {
3021 rend_client_refetch_v2_renddesc(dir_conn->rend_data);
3022 }
3023
3024 /* Check for v3 rend desc fetch */
3025 if (conn->purpose == DIR_PURPOSE_FETCH_HSDESC &&
3026 dir_conn->hs_ident &&
3027 !ed25519_public_key_is_zero(&dir_conn->hs_ident->identity_pk)) {
3028 hs_client_refetch_hsdesc(&dir_conn->hs_ident->identity_pk);
3029 }
3030 }
3031
3032 /** Array of compression methods to use (if supported) for requesting
3033 * compressed data, ordered from best to worst. */
3034 static compress_method_t client_meth_pref[] = {
3035 LZMA_METHOD,
3036 ZSTD_METHOD,
3037 ZLIB_METHOD,
3038 GZIP_METHOD,
3039 NO_METHOD
3040 };
3041
3042 /** Array of allowed compression methods to use (if supported) when receiving a
3043 * response from a request that was required to be anonymous. */
3044 static compress_method_t client_meth_allowed_anonymous_compression[] = {
3045 ZLIB_METHOD,
3046 GZIP_METHOD,
3047 NO_METHOD
3048 };
3049
3050 /** Return a newly allocated string containing a comma separated list of
3051 * supported encodings. */
3052 STATIC char *
3053 accept_encoding_header(void)
3054 {
3055 smartlist_t *methods = smartlist_new();
3056 char *header = NULL;
3057 compress_method_t method;
3058 unsigned i;
3059
3060 for (i = 0; i < ARRAY_LENGTH(client_meth_pref); ++i) {
3061 method = client_meth_pref[i];
3062 if (tor_compress_supports_method(method))
3063 smartlist_add(methods, (char *)compression_method_get_name(method));
3064 }
3065
3066 header = smartlist_join_strings(methods, ", ", 0, NULL);
3067 smartlist_free(methods);
3068
3069 return header;
3070 }
3071
3072 /** Check if the given compression method is allowed for a connection that is
3073 * supposed to be anonymous. Returns 1 if the compression method is allowed,
3074 * otherwise 0. */
3075 STATIC int
3076 allowed_anonymous_connection_compression_method(compress_method_t method)
3077 {
3078 unsigned u;
3079
3080 for (u = 0; u < ARRAY_LENGTH(client_meth_allowed_anonymous_compression);
3081 ++u) {
3082 compress_method_t allowed_method =
3083 client_meth_allowed_anonymous_compression[u];
3084
3085 if (! tor_compress_supports_method(allowed_method))
3086 continue;
3087
3088 if (method == allowed_method)
3089 return 1;
3090 }
3091
3092 return 0;
3093 }
3094
3095 /** Log a warning when a remote server has sent us a document using a
3096 * compression method that is not allowed for anonymous directory requests. */
3097 STATIC void
3098 warn_disallowed_anonymous_compression_method(compress_method_t method)
3099 {
3100 log_fn(LOG_PROTOCOL_WARN, LD_HTTP,
3101 "Received a %s HTTP response, which is not "
3102 "allowed for anonymous directory requests.",
3103 compression_method_get_human_name(method));
3104 }
3105
3106 /* We just got a new consensus! If there are other in-progress requests
3107 * for this consensus flavor (for example because we launched several in
3108 * parallel), cancel them.
3109 *
3110 * We do this check here (not just in
3111 * connection_ap_handshake_attach_circuit()) to handle the edge case where
3112 * a consensus fetch begins and ends before some other one tries to attach to
3113 * a circuit, in which case the other one won't know that we're all happy now.
3114 *
3115 * Don't mark the conn that just gave us the consensus -- otherwise we
3116 * would end up double-marking it when it cleans itself up.
3117 */
3118 static void
3119 connection_dir_close_consensus_fetches(dir_connection_t *except_this_one,
3120 const char *resource)
3121 {
3122 smartlist_t *conns_to_close =
3123 connection_dir_list_by_purpose_and_resource(DIR_PURPOSE_FETCH_CONSENSUS,
3124 resource);
3125 SMARTLIST_FOREACH_BEGIN(conns_to_close, dir_connection_t *, d) {
3126 if (d == except_this_one)
3127 continue;
3128 log_info(LD_DIR, "Closing consensus fetch (to %s) since one "
3129 "has just arrived.", TO_CONN(d)->address);
3130 connection_mark_for_close(TO_CONN(d));
3131 } SMARTLIST_FOREACH_END(d);
3132 smartlist_free(conns_to_close);
3133 }
3134 /** Called when one or more routerdesc (or extrainfo, if <b>was_extrainfo</b>)
3135 * fetches have failed (with uppercase fingerprints listed in <b>failed</b>,
3136 * either as descriptor digests or as identity digests based on
3137 * <b>was_descriptor_digests</b>).
3138 */
3139 static void
3140 dir_routerdesc_download_failed(smartlist_t *failed, int status_code,
3141 int router_purpose,
3142 int was_extrainfo, int was_descriptor_digests)
3143 {
3144 char digest[DIGEST_LEN];
3145 time_t now = time(NULL);
3146 int server = directory_fetches_from_authorities(get_options());
3147 if (!was_descriptor_digests) {
3148 if (router_purpose == ROUTER_PURPOSE_BRIDGE) {
3149 tor_assert(!was_extrainfo);
3150 connection_dir_retry_bridges(failed);
3151 }
3152 return; /* FFFF should implement for other-than-router-purpose someday */
3153 }
3154 SMARTLIST_FOREACH_BEGIN(failed, const char *, cp) {
3155 download_status_t *dls = NULL;
3156 if (base16_decode(digest, DIGEST_LEN, cp, strlen(cp)) != DIGEST_LEN) {
3157 log_warn(LD_BUG, "Malformed fingerprint in list: %s", escaped(cp));
3158 continue;
3159 }
3160 if (was_extrainfo) {
3161 signed_descriptor_t *sd =
3162 router_get_by_extrainfo_digest(digest);
3163 if (sd)
3164 dls = &sd->ei_dl_status;
3165 } else {
3166 dls = router_get_dl_status_by_descriptor_digest(digest);
3167 }
3168 if (!dls)
3169 continue;
3170 download_status_increment_failure(dls, status_code, cp, server, now);
3171 } SMARTLIST_FOREACH_END(cp);
3172
3173 /* No need to relaunch descriptor downloads here: we already do it
3174 * every 10 or 60 seconds (FOO_DESCRIPTOR_RETRY_INTERVAL) in main.c. */
3175 }
3176
3177 /** Called when a connection to download microdescriptors from relay with
3178 * <b>dir_id</b> has failed in whole or in part. <b>failed</b> is a list
3179 * of every microdesc digest we didn't get. <b>status_code</b> is the http
3180 * status code we received. Reschedule the microdesc downloads as
3181 * appropriate. */
3182 static void
3183 dir_microdesc_download_failed(smartlist_t *failed,
3184 int status_code, const char *dir_id)
3185 {
3186 networkstatus_t *consensus
3187 = networkstatus_get_latest_consensus_by_flavor(FLAV_MICRODESC);
3188 routerstatus_t *rs;
3189 download_status_t *dls;
3190 time_t now = time(NULL);
3191 int server = directory_fetches_from_authorities(get_options());
3192
3193 if (! consensus)
3194 return;
3195
3196 /* We failed to fetch a microdescriptor from 'dir_id', note it down
3197 * so that we don't try the same relay next time... */
3198 microdesc_note_outdated_dirserver(dir_id);
3199
3200 SMARTLIST_FOREACH_BEGIN(failed, const char *, d) {
3201 rs = router_get_mutable_consensus_status_by_descriptor_digest(consensus,d);
3202 if (!rs)
3203 continue;
3204 dls = &rs->dl_status;
3205
3206 { /* Increment the failure count for this md fetch */
3207 char buf[BASE64_DIGEST256_LEN+1];
3208 digest256_to_base64(buf, d);
3209 log_info(LD_DIR, "Failed to download md %s from %s",
3210 buf, hex_str(dir_id, DIGEST_LEN));
3211 download_status_increment_failure(dls, status_code, buf,
3212 server, now);
3213 }
3214 } SMARTLIST_FOREACH_END(d);
3215 }
The Onion Router